Port Scans Are Legal

Members of the ISP-Webhosting list discuss a recent court ruling in which a federal judge found that port scans cause no damage. It's like opening doors: some opened doors are trespass, others are meant to be opened.

[December 30, 2000]

On the ISP-Webhosting list in December, PJ offered:
A number of respondents seemed to view this as a dismal failure on the part of the justice system:

[NU complained] "This is the problem we run into when idiots that don't know anything about networks are making the final decisions concerning them. You would think they would consult with someone that actually knew what a port scan was. But they figured, 'Hmm… port scan, that must scan ports. Sounds okay to me.' Idiots."

[BL added] "One would also surmise that walking down the street trying all the car doors looking for one that's open is also legal since no theft or damage has actually taken place. Yet another typical example of a screwed up US legal system, if you ask me."

[KB agreed] "I wonder how that judge would react if someone just wandered down his street checking all of the door knobs and windows at 3 AM? Is testing a doorknob to see if it's locked against the law? I doubt it, unless you actually enter. But the intent is still pretty clear. Why would you be scanning ports on an off-network system if you weren't trying to somehow compromise them?"
Others suggested that ruling any other way would have created a legal mess:

[JG contended] "There really is no problem. Port scanners scan ports on a particular machine or group of machines. Web browsers scan port 80 on every URL you type into the address bar. So what are we going to do, prosecute people who type a machine name into the web browser? Remember, the Internet is a public place, not a private residence or car. If you're on the Internet, we have a right to visit."

[DJ agreed] "I am glad this judge ruled this way. I believe he saved us a great amount of unnecessary work and headache in the future, chasing down bogus security breaches or breaches that never really happened."

[JM added] "I think this judgment is correct. If you prevent port scanning, you effectively remove a useful tool for enhancing network security. Of course, we could outlaw all scans. Then only the bad guys could do them."

MS provided a little clarification: "I think the basic distinction is authorized port scans versus unauthorized port scans. Authorized port scans are those that are part of routine access, or scans that are performed with the prior knowledge and consent of the owners of the target systems. Unauthorized port scans are those that are performed with any other intent, good or bad, without the prior knowledge and consent of the target system's owners and/or administrators. Authorized scans are clearly not illegal. Unauthorized scans ought to be illegal, same as checking the door handle of every car parked on main street, or cruising the neighborhood casing houses."