[32975] in North American Network Operators' Group
Re: Port scanning legal
daemon@ATHENA.MIT.EDU (Christian Kuhtz)
Tue Dec 19 19:39:33 2000
Date: Tue, 19 Dec 2000 19:35:24 -0500
From: Christian Kuhtz <ck@arch.bellsouth.net>
To: mdevney@teamsphere.com
Cc: nanog@merit.edu
Message-ID: <20001219193524.D10075@ns1.arch.bellsouth.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
In-Reply-To: <Pine.LNX.4.21.0012191622200.31804-100000@core.teamplay.net>; from mdevney@teamsphere.com on Tue, Dec 19, 2000 at 04:26:33PM -0800
Errors-To: owner-nanog-outgoing@merit.edu
On Tue, Dec 19, 2000 at 04:26:33PM -0800, mdevney@teamsphere.com wrote:
> I do not understand why people get so uppity about a scan. Let's be real
> here, a simple portscan is about equivalent to walking along a sidewalk
> and checking out the houses for open windows and doors. And about as
> harmful.
>
> What is harmful is what sometimes comes after that. (Not always; not
> usually; not even half the time I'd bet.) But the only damage a portscan
> does is a few packets over your network and maybe 4M of logs (depending on
> how you're logging). When writing and enforcing laws, it's important to
> punish what's harmful, not what may be harmful. Or else looking at houses
> as you walk down the street may be illegal.
I do think there is a difference between looking at houses and windows
from the street and walking up to them and rattling the door and windows to
see if it they are locked or determining what model lock, door or window
is used etc.
--
Christian Kuhtz <ck@arch.bellsouth.net> -wk, <ck@gnu.org> -hm
Sr. Architect, Engineering & Architecture, BellSouth.net, Atlanta, GA, U.S.
"I speak for myself only.""
