On Tue, 27 Jul 1999, Ron DuFresne wrote:
> If I'm correct and you are doing this from a homesite, to your employers
> site, then most certainly it all depends upon protocol at your employer.
More importantly it depends on (a) usage policies for both providers -
either one may prohibit such scans, and if reported access could be
terminated irregardless of intent, and (b) what local statutes are in
place at the terminating end of the scans for all cases. For instance, if
you're in Oregon, the local laws are quite well laid out about what
constitutes an attempt at access beyond what is normally allowed, if
you're in Trinidad it may not be so cut and dried. Scanning up to 400
addresses could seem to be quite bad if the provider re-addresses and
gives out 2 or 3 subnets to something someone considers sensitive.
Worse yet, if someone finds you scanning and uses your address to spoof
scans of more than just port 80 of a local provider's /23s, you might not
be standing on too solid ground.
Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
[EMAIL PROTECTED] which may have no basis whatsoever in fact."
PSB#9280
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
