North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Port scanning legal

  • From: Shawn McMahon
  • Date: Tue Dec 19 14:01:45 2000

On Tue, Dec 19, 2000 at 11:59:23AM -0500, John Fraizer wrote:
> Had he likened portscanning someones network to walking into their back
> yard with a ladder, climbing up to the second floor and checking for open
> windows, perhaps the court would have found differently.

I'm sure they would, but it's a deeply flawed analogy.

How many ports must be scanned before you deem it an attack?  Is one port
enough?  Five?  50?

If you pick a number here, is that arbitrary, or do you have a valid
logical (and legally-supportable) reason for the number?

If one port is sufficient, then the act of typing an IP address into a
web browser to see if there's a web server listening is a crime.

Attachment: pgp00011.pgp
Description: PGP signature