nanog mailing list archives
Re: Port scanning legal
From: Deepak Jain <deepak () ai net>
Date: Tue, 19 Dec 2000 15:03:21 -0500 (EST)
On Tue, 19 Dec 2000, Alex Rubenstein wrote:
On Tue, 19 Dec 2000, Shawn McMahon wrote:How many ports must be scanned before you deem it an attack? Is one port enough? Five? 50?I don't deem a port scan as vicious or an attack.
Without muddying the issue, while a port scan might not be considered (legally or operationally) as vicious or an attack, one need not feel obligated to allow it (at a router/firewall level) or support it or ignore it for that matter. I don't support people screaming that someone's dial-up connection should be shut off for it, but that doesn't mean a thoughtful admin can't keep an eye on machines that have scanned his/her network. I liken it to driving into someone's driveway. They _might_ just be turning around, they _might_ just be lost, they _might_ be planning something nefarious. It doesn't make you call the cops instantly, but it doesn't stop you from taking note of their license plate, description or other vital details. Deepak Jain AiNET
Current thread:
- Port scanning legal Edward S. Marshall (Dec 19)
- RE: Port scanning legal Jeff Wheat (Dec 19)
- RE: Port scanning legal Patrick Evans (Dec 19)
- RE: Port scanning legal John Fraizer (Dec 19)
- Re: Port scanning legal Shawn McMahon (Dec 19)
- Re: Port scanning legal Alex Rubenstein (Dec 19)
- Re: Port scanning legal Deepak Jain (Dec 19)
- Re: Port scanning legal Leo Bicknell (Dec 19)
- RE: Port scanning legal Jeff Wheat (Dec 19)
- Re: Port scanning legal Valdis . Kletnieks (Dec 19)
- Re: Port scanning legal mdevney (Dec 19)
- Re: Port scanning legal Christian Kuhtz (Dec 19)
- Re: Port scanning legal Todd Suiter (Dec 19)
- <Possible follow-ups>
- RE: Port scanning legal Mark Borchers (Dec 19)
- RE: Port scanning legal Roeland Meyer (Dec 19)
- Re: Port scanning legal Shawn McMahon (Dec 19)