[32993] in North American Network Operators' Group
RE: Port scanning legal
daemon@ATHENA.MIT.EDU (Matthew S. Hallacy)
Wed Dec 20 04:10:34 2000
Date: Wed, 20 Dec 2000 04:01:14 -0600 (CST)
From: "Matthew S. Hallacy" <poptix@POPTIX.NET>
To: Jeff Wheat <jeff@cetlink.net>
Cc: <nanog@merit.edu>
In-Reply-To: <EJELLAKIBEKLHMFNPPDLEEMGNCAA.jeff@cetlink.net>
Message-ID: <Pine.LNX.4.30.0012200358150.7418-100000@sleepybox.poptix.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
On Tue, 19 Dec 2000, Jeff Wheat wrote:
>
> Isn't that just sweet... So in a nutshell it is *not* illegal
> for kiddies to port scan a network looking for vulnerabilities.
> It would seem to me that such scans would impair the integrity
> of ones networks, or am I just smoking crack?
>
IIRC, CETLink used to run an IRC server, and currently hosts the UnderNET
IRC Network mailing lists, there are IRC scripts that portscan for open
ports on IRC servers for the purpose of finding a better (less busy) port
to use. What it boils down to, is determining the intent of the person
doing the scanning, which 99% of the time cannot be easily proved either
way, like guns, it could be for hunting, or it could be for murder, but
how do you write a law that says 'You can buy a gun for hunting and sport,
but not for killing people'?
-poptix
> Jeff
> CETLink.Net
>
