|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical RE: Port scanning legal
Isn't that just sweet... So in a nutshell it is *not* illegal for kiddies to port scan a network looking for vulnerabilities. It would seem to me that such scans would impair the integrity of ones networks, or am I just smoking crack? Jeff CETLink.Net > -----Original Message----- > From: [email protected] [mailto:[email protected]]On Behalf Of > Edward S. Marshall > Sent: Tuesday, December 19, 2000 10:43 AM > To: [email protected] > Subject: Port scanning legal > > > > http://www.securityfocus.com/templates/article.html?id=126 > > A quick quote from the article: > > A tiff between two IT contractors that spiraled into federal court > ended last month with a U.S. district court ruling in Georgia that > port scanning a network does not damage it, under a section of the > anti-hacking laws that allows victims of cyber attack to sue an > attacker. > > Last week both sides agreed not to appeal the decision by judge Thomas > Thrash, who found that the value of time spent investigating a port > scan can not be considered damage. "The statute clearly states that > the damage must be an impairment to the integrity and availability of > the network," wrote the judge, who found that a port scan impaired > neither. > > This may have ramifications for both security professionals and abuse desk > personnel; this ruling would seem to make it clear that you cannot claim > time spent investigating abuse issues as damage. The complete finding is > here: > > http://pub.bna.com/eclr/00434.htm > > Any armchair lawyers on the list want to take a crack at this? > > -- > Edward S. Marshall <[email protected]> > http://www.nyx.net/~emarshal/ > ------------------------------------------------------------------ > ------------- > [ Felix qui potuit rerum cognoscere causas. > ] > >
|