Re: Port Scans are Legal

[claymore <claymore () ADELPHIA NET>]

Besides the fact that it is probably against Acceptable Use of just about
any provider. So you may not go to jail, but you'll probably lose your
service.

Claymore
the unprofound

-----Original Message-----
From: Incidents Mailing List [mailto:INCIDENTS () SECURITYFOCUS COM]On
Behalf Of Dan Riley
Sent: Monday, December 18, 2000 10:34 PM
To: INCIDENTS () SECURITYFOCUS COM
Subject: Re: Port Scans are Legal


Crist Clark <crist.clark () GLOBALSTAR COM> writes:
> The question come up here every few weeks, and it looks like any doubt
> has been erased for now. Port scanning is not illegal in the USA,
http://www.securityfocus.com/frames/?content=/templates/article.html%3Fid%3D
126

Careful with that axe, Eugene.

It's just a district court decision, which means it isn't precedent in
most of the US.

It ruled that the cost of handling a port scan doesn't qualify as
damages under one provision of federal law.  That doesn't mean that
port scanning can't be illegal under some other provision of federal
law (but of course note "but federal law enforcement officials are
generally in agreement that port scanning is not a crime" (but also
note that no evidence or attribution is provided for this statement)).

And it doesn't address at all the question of state law--note in
particular

    Scott Moulton [...] is still facing criminal charges of attempted
    computer trespass under Georgia's computer crime laws for port
    scanning a system owned by a competing contractor.

My doubt has not been erased.
--
Dan Riley                                         dsr () mail lns cornell edu
Wilson Lab, Cornell University      <URL:http://www.lns.cornell.edu/~dsr/>
    "History teaches us that days like this are best spent in bed"