Security Incidents mailing list archives
Re: ICMP mapping, questioning legality!!
From: UnixGeek <ed () XWING CENTIGRAM COM>
Date: Wed, 13 Sep 2000 11:59:42 -0700
I have to disagree on several points within CPC 502 and with the stance that it inherently declares a portscan to be illegal. The statement that "portscanning is illegal in California", and then using CPC 502 as justification seems rather thin on several fronts. First off, you have the definition of 'access'. Pretty vague, as are most legal definitions, but does a portscan constitute access? A portscan would be more akin to casing a house or business before robbing it. But at the same time, there are instances wherein 'casing' activities may be misconstrued as preliminary to the crime itself. Case in point -- I'm a locksmithing hobbyist. I tend, therefore, to notice locks and their brands, setups, etc(i.e. our computer room uses Medco locks, the switch room uses Schlage XXX type, etc). Does that looking at the door/lock immediately make me guilty of attempted robbery? I would think not and in fact legally it does not. The same would stand under CPC 502. A prosecutor would need to show two very important, but different, preliminaries: method and means. Just because I portscan a box(method) does not construe me as having the means of accessing the system(whatever exploit, knowledge, script, etc). After a more thorough read of part c, it seems highly unlikely that a prosecutor could take a single act of running nmap, pscan or whatever against a system as a form of 'access'. The code harps on the terms of data, service and documentation and the illegal 'taking'(in the legal sense of the word) of such. Where, in a portscan, is this 'taking'? Edward Mitchell Centigram Unix Geek, BOfH, Network Admin, Darth Sysadmin ed () xwing centigram com http://www.the7thbeer.com/ed Sheepish Lord of Chaos -------------------------------------------------------------- "Fear leads to anger. Anger leads to hate. Hate leads to using Windows NT for mission-critical applications." -- What Yoda *meant* to say On Tue, 12 Sep 2000, David Knapp wrote:
I had the same question - is port scanning legal in California? I was told that it is in fact illegal - see California Penal Code section 502(2)(c) - i believe for the specific wording. http://www.csupomona.edu/~iit/policy/penalcode_502.shtml here is an example, and if you search google for California penal code 502, you are sure to find links to almost every state college in California - they quote that section as justification for a number of Campus policies. I have had discussions about this with our Campus Police, as well as independant legal counsel. They both said it is illegal and referred me to 502(2)(c). However, neither could cite any court cases nor could they recall anyone even going to court for port scanning. If anyone has any further info about port scanning in California, I would be glad to hear it. tia dbk dknapp () calpoly edu-----Original Message----- From: root [mailto:root () rgfsparc cr usgs gov] Sent: Tuesday, September 12, 2000 10:03 AM To: INCIDENTS Cc: root Subject: Re: ICMP mapping, questioning legality!!A couple of days ago our snort detected a NMAP ping to allour public IPS.Are they doing anything wrong legalwise? How can i go about it?That's going to depend on the laws of the country you're in, and of the country of origin. In the US, port scanning is for the most part legal, although generally frowned upon. The best thing I can suggest is simply to block them at your firewall. If they're just doing a general sweep of the Internet, they probably won't bother you again, anyway. Cheers, RGF Robert G. Ferrell, CISSP Information Systems Security Officer National Business Center U. S. Dept. of the Interior Robert_G_Ferrell () nbc gov ======================================== Who goeth without humor goeth unarmed. ========================================
Current thread:
- ICMP mapping, questioning legality!! sec (Sep 12)
- Re: ICMP mapping, questioning legality!! Jose Nazario (Sep 12)
- Re: ICMP mapping, questioning legality!! Benjamin Krueger (Sep 12)
- <Possible follow-ups>
- Re: ICMP mapping, questioning legality!! Robert G. Ferrell (Sep 12)
- Re: ICMP mapping, questioning legality!! David Knapp (Sep 13)
- Re: ICMP mapping, questioning legality!! UnixGeek (Sep 13)
- Re: ICMP mapping, questioning legality!! Ryan Russell (Sep 14)
- Re: ICMP mapping, questioning legality!! Greg A. Woods (Sep 14)
- Re: ICMP mapping, questioning legality!! Rune Kristian Viken (Sep 17)
- Re: ICMP mapping, questioning legality!! UnixGeek (Sep 13)
- Re: ICMP mapping, questioning legality!! Steve Stearns (Sep 13)