[37826] in North American Network Operators' Group
Re: Stealth Blocking
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Thu May 24 18:36:32 2001
Message-Id: <200105242035.f4OKZbP03559@foo-bar-baz.cc.vt.edu>
To: nanog@merit.edu
From: Valdis.Kletnieks@vt.edu
Mime-Version: 1.0
Content-Type: multipart/signed; boundary="==_Exmh_-681910080P";
micalg=pgp-sha1; protocol="application/pgp-signature"
Content-Transfer-Encoding: 7bit
Date: Thu, 24 May 2001 16:35:37 -0400
Errors-To: owner-nanog-outgoing@merit.edu
--==_Exmh_-681910080P
Content-Type: text/plain; charset=us-ascii
On 00 Jan 00 00:00:00, Valdis.Kletnieks@vt.edu said:
> Be careful, it's not as clear-cut as it may seem. At least in one US District
> Court, portscanning was held to be legal (or more precisely, that you couldn't
> count the cost of investigating one against damages)...
s/was held to be legal/was not in and of itself held to be illegal/.
Just a slightly different meaning there.. ;)
I'll let the lawyers argue how to define "damages" as stated in
18 USC 1030(a)(5) - I wouldn't be surprised if a lawer attempted to
claim that merely *FINDING* a vulnerability, but not exploiting it,
causes "damage" the same way that driving past somebody's house and
yelling "you have termites" causes damage if you investigate and
finding that you do, in fact, have a termite problem.
Of course, IANAL, and if anybody wants to cite case law please do so. ;)
--
Valdis Kletnieks
Operating Systems Analyst
Virginia Tech
--==_Exmh_-681910080P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.8
Comment: Exmh version 2.2 06/16/2000
iQA/AwUBOw1wmXAt5Vm009ewEQI3WwCcDGyNp008KT2eGPU1Eoglt/v8YwYAniSf
H5S+RSD7o5RuCnWYdvnFgWSp
=h6RP
-----END PGP SIGNATURE-----
--==_Exmh_-681910080P--
