nanog mailing list archives
Re: Port scanning legal
From: Shawn McMahon <smcmahon () eiv com>
Date: Tue, 19 Dec 2000 19:12:38 -0500
On Tue, Dec 19, 2000 at 05:23:27PM -0500, Steven M. Bellovin wrote:
As always, your mileage may vary. California law specifically
states that costs incurred by the victim include
any expenditure reasonably and necessarily incurred by the
owner or lessee to verify that a computer system, computer
network, computer program, or data was or was not altered,
deleted, damaged, or destroyed by the access.
So checking out a scan might qualify. As for "access", it's defined as
"Access" means to gain entry to, instruct, or communicate
with the logical, arithmetical, or memory function resources
of a computer, computer system, or computer network
In other words, as written, it means that if you pull up my web page, I can bill you for my time checking the apache logs to make sure you weren't doing anything wrong. And, if you send me email, I can bill you for my time spent making sure it didn't contain a virus. I'm thinking that law is easily challenged on the basis of vagueness.
Attachment:
_bin
Description:
Current thread:
- Re: Port scanning legal, (continued)
- Re: Port scanning legal Majdi S. Abbas (Dec 19)
- RE: Port scanning legal Roeland Meyer (Dec 19)
- RE: Port scanning legal Dan Hollis (Dec 19)
- RE: Port scanning legal Steven J. Sobol (Dec 19)
- RE: Port scanning legal Patrick Evans (Dec 19)
- Re: Port scanning legal Andrew Brown (Dec 20)
- RE: Port scanning legal Dan Hollis (Dec 19)
- Re: Port scanning legal Shawn McMahon (Dec 19)
- RE: Port scanning legal Larry Sheldon (Dec 19)
- Re: Port scanning legal J.D. Falk (Dec 19)
- Re: Port scanning legal Steve Sobol (Dec 19)
- Re: Port scanning legal jlewis (Dec 19)
- Re: [OT]Port scanning legal Henry R. Linneweh (Dec 20)