Re: ICMP mapping, questioning legality!!

["Robert G. Ferrell" <root () rgfsparc cr usgs gov>]

> There's a general expectation that if you put up a web server that people
> will use it, and that is authorized and expected.

This has been and will continue to be a gray area in the law.
Back around Christmas of 1996, the main page of the US Air Force
site was defaced.  I was managing Internet services for an Air Force
medical facility at the time.  The Air Force policy that was issued as
a result of that incident directed all Air Force sites to remove the word
"welcome" from the texts of their pages, on the grounds that some legal
authority or another had ruled that such language constituted an open
invitation for people to break into the system.  I personally find that
logic utterly absurd and counter-intuitive, but then that describes much
of what goes on in any large bureacracy.

Maybe we should all just put big red banners across the top of our pages that
say "You toucha my server, I breaka yo' face."

;-)

Cheers,

RGF

Robert G. Ferrell, CISSP
Information Systems Security Officer
National Business Center
U. S. Dept. of the Interior
Robert_G_Ferrell () nbc gov
========================================
 Who goeth without humor goeth unarmed.
========================================