[32971] in North American Network Operators' Group
RE: Port scanning legal
daemon@ATHENA.MIT.EDU (Patrick Evans)
Tue Dec 19 18:49:51 2000
Envelope-To: nanog@merit.edu
Date: Tue, 19 Dec 2000 23:47:34 +0000 (GMT)
From: Patrick Evans <pre@pre.org>
To: "Steven J. Sobol" <sjsobol@NorthShoreTechnologies.net>
Cc: "'nanog@merit.edu'" <nanog@merit.edu>
In-Reply-To: <Pine.LNX.4.21.0012191812160.8177-100000@amethyst.nstc.com>
Message-ID: <Pine.LNX.4.20.0012192338480.15554-100000@pimlico.pre.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
On Tue, 19 Dec 2000, Steven J. Sobol wrote:
> Dan is apparently suggesting that scanning *an* IP and scanning a
> /16 worth of IP's are one and the same action...
>
I suspect we've wandered from the point somewhat.
The original discussion arose from a report of an individual landing
himself in court as a result of scanning a network which housed (at
the very minimum) a 911 center and a police department.
I may be the only person to see scanning "a network" as being somewhat
similar to scanning "a /16 worth of IP's" (it's merely a matter of
scale, after all) when compared with scanning one IP alone, but I
doubt it.
Let's get this in perspective. Person connects machine to network, in
the full knowledge that said network involves a police department, a
911 call center, and machines which are in some way related to local
and/or state government. Portscan that lot, and if you're surprised
that you start to attract some heat then you have to be asking for
trouble. The comparison with scanning a /16 MIL network is, while
something of an exaggeration, a reasonable comparison (IMNSHO).
Either way, does it really warrant quite such a vociferous discussion?
--
Patrick Evans - Net bloke, indie kid and lemonade drinker
pre at pre dot org www dot pre dot org
