Nmap Announce mailing list archives

Re: nmap illegal to use?

From: Thomas Reinke <reinke () e-softinc com>
Date: Mon, 11 Jun 2001 00:19:43 -0400

There are some pretty compelling arguments in the paper, and a hell
of a lot of research backing it up.

If you have a legal interest in the issue, I'd suggest taking
a complete read through the paper.

Some of the interesting bits (and please note these are out of
context...you really should read the article located at
http://grove.ufl.edu/~techlaw/vol6/Preston.html)

"COMPUTER FRAUD, ACCESS AND NMAP:
Most American jurisdictions have computer crime laws which include 
prohibitions on unauthorized access. ... As a threshold for criminal 
liability,  "access" proves to be a tremendously porous border."

TRANSLATING "ACCESS" INTO REAL LIFE ON THE INTERNET
"...A court deciding whether to assign liability would first inquire 
into what technical measures were used; the court must find the 
fences in cyberspace. Next, the court must decide whether the technical 
measures were reasonable. The computer owner who failed to
protect against banner-grabbing should not have legal recourse when 
banner grabbing identifies his operating system. A computer owner who 
used a firewall that prevented port scans but not nmap-type OS
fingerprinting
might establish a strong case for liability against a nmap scanner."



Tom Brays wrote:


Have you seen this one yet? Give me a break!

"The Journal of Technology Law and Policy has a good article on computer security and privacy. If you ignore the more 
metaphorical crap at the beginning of the article, the author marches through some laws that apply to the Internet 
and shows how they apply and why his way of deciding what kind of access to a computer breaks the law and what kinds 
don't is better. (Its based on property and expectations of privacy.) It's interesting to see the computer security 
from a lawyer's point of view. Especially interesting are his claims that using nmap is illegal, despite the VC3 v. 
Moulton case."
--


--------------------------------------------------
For help using this (nmap-hackers) mailing list, send a blank email to 
nmap-hackers-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).

Current thread:

nmap illegal to use? Tom Brays (Jun 10)
- Re: nmap illegal to use? Fyodor (Jun 10)
- Re: nmap illegal to use? Thomas Reinke (Jun 10)
  - RE: nmap illegal to use? Jim (Jun 11)
- <Possible follow-ups>
- RE: nmap illegal to use? Scott Moulton (Jun 11)