publicly available resources and the law

[HD Moore <hdmoore () usa net>]

Daemor wrote:
> Communicate with?  Retrieve data from?  Who authorizes me to connect to
> port 80 at www.nsa.gov?  No one,  it is made publicly available.  No
> authorazation is required to access the data.  Port scanning simply asks
> which services are offered by a computer.  Unless measures have been
> taken to restrict access to the data and the individual has attempted to
> circumvent those measures then I see no crime.  Being charged with a
> misdemeanor simply for port scanning ALONE seems a bit rediculous to
> me.  I realize that scanning a host is often followed by an attack on a
> system or is part of a search for vulnerable systems but simply asking
> if the information is publicly available should not be a crime.

Along these lines, I was wondering what the legal status of accessing
FTP servers with anonmyous logins, wide open NFS exports, or NetBIOS
shares.  There needs to be some clarification of what is considered
public access and what is simply misconfiguration.  Anyone have
something to contribute about what is actually legal to access and what
is invasion?  Is any resource that can be accessed without special
authorization considered public access in the terms of the law?