[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [dvd-discuss] e: portscanning
- To: "'dvd-discuss(at)cyber.law.harvard.edu'" <dvd-discuss(at)cyber.law.harvard.edu>
- Subject: RE: [dvd-discuss] e: portscanning
- From: John Galt <galt(at)inconnu.isu.edu>
- Date: Mon, 22 Oct 2001 20:15:27 -0600 (MDT)
- In-Reply-To: <Pine.LNX.4.21.0110221224340.30469-100000@sparcy.internal.lan>
- Mail-Followup-To: galt@inconnu.isu.edu
- Reply-To: dvd-discuss(at)cyber.law.harvard.edu
- Sender: owner-dvd-discuss(at)cyber.law.harvard.edu
Here's the problem, if you consider unauthorized access along the lines of
B&E, logically a portscan is casing the joint. Casing is often illegal,
but there's hardly any prosecution for casing because of the practical
impossibilities in prosecuting someone casing: how do you say that the
person wasn't actually looking over the house in order to check out the
architect's work? So by the same token, who's to say that a portscan by
me isn't a check of firewalls "in the wild"? My read on it is that
portscanning should be illegal, but only when coupled with concrete
evidence of intent, much in the same way casing is.
On Mon, 22 Oct 2001, Noah silva wrote:
>> > While I think that law is a bit unreasonable, as ICMP pings, etc. fly
>> > around all the time, and I don't think port scanning should
>> > be illegal...
>>
>> Port scanning would deviate from the well-known ports, so
>> under the current law, even if permission for standard ports
>> is implicit, scanning would probably still be illegal. (note: IANAL)
>
>To me:
>scanning is checking multiple ports.
>Checking a port is knowing on a door to see if it's open.
>Some ports are very standard, like FTP. Some are semi-standard (VNC,
>etc.). Changing a ports isn't a good way to block access anyhow, so I
>decline to draw a line between public and non-public ports. (technically
>there is none).
>Trying all my ports is like running down the hall knocking on every
>door. It's annoying at most. Unless you do it 300 times in a row, it's
>effects on me are very minor. So you know what doors I have open. If I
>put the machine on the internet, I obviously don't mind random people
>being able to tell that.
>
>Anyone can scan right now the machine I sent this from and find:
>a.) FTP
>b.) HTTP
>c.) Telnet
>d.) SSH
>e.) SMTP
>
>maybe some others... so what? If I don't want you to be able to know
>that.. I shouldn't put it on the internet.
>
>If you try to log into telnet 300 times with different username/password
>combinations... THAT is probably trying to "break in" and have
>"unauthorized access".
>
> -- noah silva
>
--
Be Careful! I have a black belt in sna-fu!
Who is John Galt? galt@inconnu.isu.edu