North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
RE: Port scanning legal
> From: Steven M. Bellovin [mailto:[email protected]] > Sent: Tuesday, December 19, 2000 2:23 PM Thanks for re-quoting this ... > In message > <[email protected]>, "Edward > S. Marshall" writes: > > > >http://www.securityfocus.com/templates/article.html?id=126 > >This may have ramifications for both security professionals > and abuse desk > >personnel; this ruling would seem to make it clear that you > cannot claim > >time spent investigating abuse issues as damage. The > complete finding is > >here: > > > > http://pub.bna.com/eclr/00434.htm > > > >Any armchair lawyers on the list want to take a crack at this? After reading the specifics I could find. It would seem that you could bill for the investigation only AFTER there has been a break-in. Bad analogies aside, a port scan isn't a break-in, by any stretch of the imagination. Therefore, on its own, it's not billable. However, if a break-in has been proven, time spent on the investigation, before-hand, becomes billable. -- IANAL - I Am Not A Lawyer. Before taking action on anything I say, you are encouraged to seek legal advice.