Nmap Announce mailing list archives
RE: publicly available resources and the law
From: "Frank Miller" <frankm () bend or us>
Date: Tue, 23 Feb 1999 13:21:08 -0800
Howdy, That is the difference between a Felony and a Misdemonor according to Oregon State Law. If access a telnetd/ftpd/pop3/imap prompt and enter root, system, admin, etc *and* there is an "Unauthorized" type banner, then this will stick, I have seen it happen. If you are just opening POP3, telnetd, ftpd, or whatever ports, then I'd bet my years ski/snowboarding pass that no District Attorney could bring up a case. In discussions with local/state PD's as a consultant ... a door rattle (with stay out warnings) along with more than just a port access (user/password stream) can be considered a class A Misdemonor. Each logged access to try root at telnetd/ftpd is a single count BTW. Now, if a user exploits an IMAPd hole *and* makes does an inetd hack with a back door, bad juju ... it is now a Felony. Each system change is a single count of a class C felony. I've seen this happen too. I brought this message to the mail list not as a proponent of the law, but out of concern for what could transpire legally with grumpy targets. Frank
-----Original Message----- From: Technical Incursion Countermeasures [mailto:lists () ticm com] Sent: Tuesday, February 23, 1999 2:36 PM To: HD Moore Cc: nmap-hackers () insecure org Subject: Re: publicly available resources and the law ahh a good fun topic :}.. ok AFAIK this is how it is interpreted normally.. Port scanning is quite rightly not a crime - it equates to rattling door knobs and trying windows.. not a felony in itself - however it is suspicious activity. This is the key... Now if during our port scanning we happen to find a wide open NFS port and access it - then we have committed a crime - because by port scanning we have shown intent - it is no longer an accident that we just happened to push on the door and fall in. Now I know US law is different to Aust law - but I'm guessing that the intent provision is still there - i.e that to be convicted of a deliberate act - the prosecution must show that you indented to commit the act. Cheers, Bret PS and just in case someone is stupid enough to take what I said as legal advise - its not :} Technical Incursion Countermeasures consulting () TICM COM http://www.ticm.com/ ph: (+61)(041) 4411 149(UTC+8 hrs) fax: (+61)(08) 9454 6042 The Insider - a e'zine on Computer security http://www.ticm.com/info/insider/index.html
Current thread:
- publicly available resources and the law HD Moore (Feb 23)
- Re: publicly available resources and the law Technical Incursion Countermeasures (Feb 23)
- RE: publicly available resources and the law Frank Miller (Feb 23)
- Re: publicly available resources and the law Bennett Todd (Feb 23)
- Re: publicly available resources and the law Lamont Granquist (Feb 23)
- RE: legality of port-mapping Dragos Ruiu (Feb 23)
- RE: legality of port-mapping Lamont Granquist (Feb 24)
- Re: publicly available resources and the law Daemor (Feb 23)
- Re: publicly available resources and the law Technical Incursion Countermeasures (Feb 23)
- RE: publicly available resources and the law Frank Miller (Feb 23)
- RE: publicly available resources and the law Erik Parker (Feb 23)
- RE: publicly available resources and the law Dragos Ruiu (Feb 23)
- RE: publicly available resources and the law Frank Miller (Feb 23)
- RE: publicly available resources and the law rain.forest.puppy (Feb 23)
- RE: publicly available resources and the law Frank Miller (Feb 23)