Identifying network contacts (Re: Port scanning legal)

[Sean Donelan <sean () donelan com>]

On Tue, 19 December 2000, "L. Sassaman" wrote:
> > Cool. Since you're obviously in the right, how about scanning some
> > U.S. military networks and letting us all know what OS they are using?
>
> I have tcpwrappers set to trigger a portscan after certain actions... and
> I have inadvertently scanned a section of the navy.mil network because of
> this. (They're running raptor... what a surprise.)
>
> I was not approached by any men in black after this happened. I suspect
> the US Military is well accustomed to having its networks scanned.

They may be used to it now, but circa 1991 I had a programmer who failed
to apply _htonl() in the appropriate connect() variable and spent several
days trying to debug his program.  The MIB at the TLA were not amused.

This was back in the days when WHOIS contact information had real contacts.
So it was simple for them to get a hold of me, and as soon as I did a WHOIS
on the organization for me to figure out the inverse of network 1.2.3.4 was
really 4.3.2.1.