[oclug] tuesday afternoon rant about the FBI and an isp

[burns]

From: "David F. Skoll" <dfs at roaringpenguin.com>

> On Mon, 19 Mar 2001 bbarnett at l8r.net wrote:
>
> > Erm, scanning someone isn't illegal, and it isn't wrong.
>
> Scanning someone *in preparation* for breaking into his system or
> bringing it down is illegal, and is wrong.
>

This is an old chestnut. I might as well throw my 2c. into this age old
debate:

* It depends on the legal jurisdiction i.e. country/province/state. In some
it is illegal, in others it is if you can establish probable intent, in
others it isn't at illegal at all.

* I tend to go for the middle category. If you are just scanning one or two
ports that are usually associated with Quake servers, then I normally assume
that you are an errant (and promiscuous) Quake client in
multi-player/internet mode.

* OTOH, if you conduct a thorough scan of all the known target ports (i.e.
usually associated with exploits) on my system in a prolonged and systematic
fashion, then I am going to assume that your intentions are less than
honorable and take exception to it. In such a case (and if it went on long
enough, or I was in a sh*tty mood) I just might report it.

* In the first case, it's like someone knocking on your door with the wrong
address. In the second case it's quite analogous to someone knocking on your
door and then going around and trying every window around the sides and back
of your house to see if they can get in. It's not burglary, but it's darn
sure not normal innocent behaviour and at the very least it is trespass.

--
burns