North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: Port scanning legal

  • From: Roeland Meyer
  • Date: Tue Dec 19 17:37:45 2000

> From: Steven M. Bellovin [mailto:[email protected]]
> Sent: Tuesday, December 19, 2000 2:23 PM

Thanks for re-quoting this ...

> In message 
> <[email protected]>, "Edward 
> S. Marshall" writes:
> >
> >

> >This may have ramifications for both security professionals 
> and abuse desk
> >personnel; this ruling would seem to make it clear that you 
> cannot claim
> >time spent investigating abuse issues as damage. The 
> complete finding is
> >here:
> >
> >
> >
> >Any armchair lawyers on the list want to take a crack at this?

After reading the specifics I could find. It would seem that you could bill
for the investigation only AFTER there has been a break-in. Bad analogies
aside, a port scan isn't a break-in, by any stretch of the imagination.
Therefore, on its own, it's not billable. However, if a break-in has been
proven, time spent on the investigation, before-hand, becomes billable.

IANAL - I Am Not A Lawyer. Before taking action on anything I say, you are
encouraged to seek legal advice.