"Dave Gillett" writes:
> On 21 Jul 99, at 18:04, Matthew G . Harrigan wrote:
>
> > Last I checked, utilizing things such as port scanners, tcp fingerprinting
> > tools, and the like are not illegal, because there is no way to
> > disseminate legitimate system administration techniques (you'll notice that
> > enterprise network management packages which do network discovery utilize
> > all of the above.) from actual penetration attempts, unless the activity
> > yields someone actually gaining user level access to a said networked
> > device. I would find it hard to believe that someone could be prosecuted
> > based on something like an nmap scan.
>
> This is like saying that car theft can't be illegal because it would
> prevent anyone from ever driving! [Clue: It becomes criminal when you don't
> have the owner's permission....]
Your impression that you must have an owner's permission to portscan,
otherwise it is illegal is mistaken.
Criminal intent must be present or else it's not a crime, regardless if
the was permission or not, at least in the U.S.A.
For example, if a student decides to do a report on the number of web
servers running today on the Internet and in doing the work, port scans
your hosts looking for web servers, it's not a crime because there wasn't
criminal intent. Now the student may have violated an acceptable use
policy at her/his site, but that's a long way from committing a crime.
< paul
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
