RE: Port scanning legal

[Patrick Evans <pre () pre org>]

On Tue, 19 Dec 2000, Steven J. Sobol wrote:

> Dan is apparently suggesting that scanning *an* IP and scanning a
> /16 worth of IP's are one and the same action...
I suspect we've wandered from the point somewhat.

The original discussion arose from a report of an individual landing
himself in court as a result of scanning a network which housed (at
the very minimum) a 911 center and a police department.

I may be the only person to see scanning "a network" as being somewhat
similar to scanning "a /16 worth of IP's" (it's merely a matter of
scale, after all) when compared with scanning one IP alone, but I
doubt it.

Let's get this in perspective. Person connects machine to network, in
the full knowledge that said network involves a police department, a
911 call center, and machines which are in some way related to local
and/or state government. Portscan that lot, and if you're surprised
that you start to attract some heat then you have to be asking for
trouble. The comparison with scanning a /16 MIL network is, while
something of an exaggeration, a reasonable comparison (IMNSHO).

Either way, does it really warrant quite such a vociferous discussion?

-- 
Patrick Evans - Net bloke, indie kid and lemonade drinker
pre at pre dot org                    www dot pre dot org