On Wed, Sep 12, 2001 at 12:02:02PM +0100, News wrote:
> Michael,
> As I referred, portscanning is considered an intrusion attempt. "Why would
Considered an intrusion attempt by WHO? By you? So what? I
have yet to see any court action which would indicate that the courts
consider portscanning an intrustion attempt. The few that ARE on record (in
the US indicate to the contrary. Discussion with FBI people (I'm a member
of InfraGard), NIPC and justice people indicate that it's a grey area but
they give no indication that they consider portscanning "in and of itself",
without any other hostile activity, to be indicative of an intrusion. They
literally have nothing to act on, based on port scanning behavior alone.
The one attempt that was made in civil court got thrown out rather profoundly.
> you try 'open' every door on your neighborhood buildings?" - On the eyes of
God, I just love it. Every time this argument comes up people start
resorting to bogus analogies. Ok... I'll bite. So why is that analogy
any more valid than the equally bogus analogy of someone walking along a
street (or in a mall) looking in windows and doors to see what stores and
open and reading the signs in the windows to see what services they offer
and what times they are open (banners, anyone)?
> the law, this is considered an 'attempt'. For me, an attempt would be trying
> usernames/passwords against 'public' services, which is a lot beyond a
> portscanning. Personally I got my home Internet connection shut down by my
> ISP due to an 'attempt of intrusion on a router of an important
> customer'.... whatever that is. It took almost a week of claims and
> 'threats' from me to get the link up again.
Ok... I'm confused. Are you arguing that portscanning is legal
or is not legal. At first, I thought you were arguing that it was not
legal. Now you seem to have turned around and are agreeing with me that
it is legal and that you were merely treated improperly by an overreacting
ISP. I'll grant you this, if we are not talking about legal or illegal,
if we are talking about ISP policies and AUPs, that is a whole different
can of worms.
I guess I don't quite understand what you are arguing here.
> Regards,
> Nuno Mendes / GeP
> -----Original Message-----
> From: Michael H. Warfield [mailto:[EMAIL PROTECTED]]
> Sent: terca-feira, 11 de Setembro de 2001 4:03
> To: News
> Cc: [EMAIL PROTECTED]
> Subject: Re: Is it "legal" to nmap offending hosts?
>
>
> On Mon, Sep 10, 2001 at 10:23:58AM +0100, News wrote:
> > Hi,
>
> > Yes, it's considered illegal. In several countries it's considered an
> > intrusion attempt and you can be charged for that. Even if you scan a
> > possible intruder that scanned your hosts. Port scanning is seeing as a
> > 'legal' tool for sys admins, to use on their network hosts, and law
> > enforcement organizations.
>
> Counter example. We have at least one court ruling in the
> United States which explicity and emphatically said that port scanning
> was legal and no activities in reaction to a port scan could be considered
> as damages or losses. This was in the state of Georgia where I reside.
> AFAIK, there are no contradictory court rulings elsewhere in the US.
>
> If it's illegal in your country, please cite specifics. Court
> rulings or specific laws would help. I see you are in .pt. What
> are the specifics in Portugal?
>
> Note: I don't consider it advisable to nmap someone back in
> general, but for totally different reasons. Mostly, you don't want
> to tip off attackers that they have your attention.
>
> > Cheers,
>
> > Nuno Mendes / GeP
>
> > -----Original Message-----
> > From: Xno Xutz [mailto:[EMAIL PROTECTED]]
> > Sent: sabado, 8 de Setembro de 2001 16:10
> > To: [EMAIL PROTECTED]
> > Subject: Is it "legal" to nmap offending hosts?
> >
> >
> > Hi All!
> >
> > Sure this is a beginners question, but I must ask it
> > anyway. Is it considered ilegal ou unpolite to send
> > nmap probes to offending hosts I find in my logs? I
> > have no intention to go any farther, but I would like
> > to gather some information on these hosts.
> >
> > Any comments would be welcome!
> >
> > Regards,
> > Xno
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Get email alerts & NEW webcam video instant messaging with Yahoo!
> Messenger
> > http://im.yahoo.com
>
> --
> Michael H. Warfield | (770) 985-6132 | [EMAIL PROTECTED]
> (The Mad Wizard) | (678) 463-0932 | http://www.wittsend.com/mhw/
> NIC whois: MHW9 | An optimist believes we live in the best of all
> PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
>
--
Michael H. Warfield | (770) 985-6132 | [EMAIL PROTECTED]
(The Mad Wizard) | (678) 463-0932 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
