North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: Port scanning legal
On Tue, Dec 19, 2000 at 05:23:27PM -0500, Steven M. Bellovin wrote: > > As always, your mileage may vary. California law specifically > states that costs incurred by the victim include > > any expenditure reasonably and necessarily incurred by the > owner or lessee to verify that a computer system, computer > network, computer program, or data was or was not altered, > deleted, damaged, or destroyed by the access. > > So checking out a scan might qualify. As for "access", it's defined as > > "Access" means to gain entry to, instruct, or communicate > with the logical, arithmetical, or memory function resources > of a computer, computer system, or computer network In other words, as written, it means that if you pull up my web page, I can bill you for my time checking the apache logs to make sure you weren't doing anything wrong. And, if you send me email, I can bill you for my time spent making sure it didn't contain a virus. I'm thinking that law is easily challenged on the basis of vagueness.