It's worth looking into the Daniel Cuthbert case in the UK.<br><br>Drew<br><br><div><span class="gmail_quote">On 02/06/06, <b class="gmail_sendername">Lawrence Tang</b> <<a href="mailto:tang.luong@gmail.com">tang.luong@gmail.com
</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div>"Vulnerability test" is not "port scan". It could involve attempt to "penetrate" or even penetration of the website through a vulnerable server script for instance. In this particular case, we don't know what RA 8792 in the Philippines says and/or what Tridel Technologies, Inc did. But in general, "port scan" is supposed to be only checking which TCP/IP ports are open for connection without going through the entire process of connection. There is no question of penetration. How could any authority prosecute this legitimately? If I, by mistake, attempt a connection to a site, could I be in legal trouble? How many ports constitute "port scanning"?
<br><br>
<div>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0px 0px 0px 0.8ex; padding-left: 1ex;"></blockquote></div><div><span class="q">----- Original Message -----<br>From: "Nightfall Nightfall" <
<a href="mailto:danzigfour@gmail.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
danzigfour@gmail.com</a>><br>To: <<a href="mailto:full-disclosure@lists.grok.org.uk" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">full-disclosure@lists.grok.org.uk</a>><br></span></div>
<div><span class="q">Sent: Friday, June 02, 2006 1:26 AM<br>Subject: Re: [Full-disclosure] scanning<br><br>
<br>> On 6/2/06, Simon Smith <<a href="mailto:simon@snosoft.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">simon@snosoft.com</a>> wrote:<br>> > Guys,<br>> > It is not illegal to port-scan a target IP with or without
<br>> > authorization. It would be impossible to prosecute someone because they
<br>> > portscanned you. Hell, it would be near impossible to prosecute someone<br></span></div><div><span class="q">> > who ran nessus against you but never penetrated your systems. From<br>> > expereince, the FBI only takes interest in crimes that cause roughly
<br>> > $50,000.00 in damage or more. If you are below that mark or if they are<br>> > too busy... you won't get jack unless you pay for it.<br>> ><br>> ><br>> ><br></span></div><div><span class="q">
> > David Alanis wrote:
<br>> > >> Depends on the Jurisdiction... However If I found out that it was my<br>> > >> site, I'd have to debate on whether or not to sue your ass... But<br>that's<br>> > >> just me...
<br>> > >><br>> > ><br>> > > You would not sue anyone. Thats just saying that you would sue anyone<br>under the sun trying to ping or go after some bot trying to scan your Apache<br>box for IIS 5 vulnerabilities. My point is, even if you did realize someone
<br>was actively scanning your host, there would be nothing you could do, I<br>think it would be too time consuming. Yet your question still stands. Is it<br>legal or illegal?<br>> > ><br>> > > David<br>
> > ><br>> > ><br>> > ><br>> > >> -----Original Message-----<br>> > >> From: <a href="mailto:full-disclosure-bounces@lists.grok.org.uk" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
full-disclosure-bounces@lists.grok.org.uk
</a><br>> > >> [mailto:<a href="mailto:full-disclosure-bounces@lists.grok.org.uk" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">full-disclosure-bounces@lists.grok.org.uk</a>] On Behalf Of
<br>> > >> Nightfall Nightfall<br>> > >> Sent: Thursday, June 01, 2006 7:54 PM
<br>> > >> To: <a href="mailto:full-disclosure@lists.grok.org.uk" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">full-disclosure@lists.grok.org.uk</a><br>> > >> Subject: [Full-disclosure] scanning
<br>> > >><br>> > >><br></span></div><div><span class="q">
> > >> Is it illegal if I perform a vulnerability scan on a site without<br>> > >> permission from the owner? How about a simple port scan? thanks..<br>> > >><br></span></div><div>> > >> _______________________________________________
</div><div><span class="q"><br>> > >> Full-Disclosure - We believe in it.<br>> > >> Charter: <a href="http://lists.grok.org.uk/full-disclosure-charter.html" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
http://lists.grok.org.uk/full-disclosure-charter.html</a><br>> > >> Hosted and sponsored by Secunia -
<a href="http://secunia.com/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://secunia.com/</a><br>> > >><br>> > >> _______________________________________________<br>
> > >> Full-Disclosure - We believe in it.<br>> > >> Charter:
<a href="http://lists.grok.org.uk/full-disclosure-charter.html" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://lists.grok.org.uk/full-disclosure-charter.html</a><br>> > >> Hosted and sponsored by Secunia -
<a href="http://secunia.com/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://secunia.com/
</a><br>> > >><br>> > ><br>> > ><br>> > ><br></span></div><div><span class="q">> > > "Great Spirits Have Always Encountered Violent Opposition From<br>Mediocre Minds" - Einstein
<br>> > ><br>
> > > "Cuanta estupidez en tan poco cerebro!"<br>> > ><br>> > > _______________________________________________<br></span></div><div><span class="q">> > > Full-Disclosure - We believe in it.
<br>> > > Charter:
<a href="http://lists.grok.org.uk/full-disclosure-charter.html" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://lists.grok.org.uk/full-disclosure-charter.html</a><br>> > > Hosted and sponsored by Secunia -
<a href="http://secunia.com/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://secunia.com/
</a><br>> > ><br>> ><br>> ><br>> ><br>> ><br></span></div><div><span class="q">> > BullGuard Anti-virus has scanned this e-mail and found it clean.<br></span></div><div>> > Try BullGuard for free:
<a href="http://www.bullguard.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
www.bullguard.com</a></div><div><span class="q"><br>> ><br>> ><br>> > _______________________________________________<br>> > Full-Disclosure - We believe in it.<br>> > Charter: <a href="http://lists.grok.org.uk/full-disclosure-charter.html" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
http://lists.grok.org.uk/full-disclosure-charter.html</a><br>> > Hosted and sponsored by Secunia - <a href="http://secunia.com/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://secunia.com/
</a><br>> ><br></span></div><div><span class="q">> I brought up this topic coz of these incident
<br>> -<a href="http://www.pinoytechblog.com/archives/tridel-settles-with-inq7net-on-vuln" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://www.pinoytechblog.com/archives/tridel-settles-with-inq7net-on-vuln
</a><br>erability-test-suit<br>> .<br>> I was wondering if they were justified in suing the perpetrator who
<br>> did the vulnerability scan on their network.<br>><br>> _______________________________________________<br></span></div><div><span class="q">> Full-Disclosure - We believe in it.<br>> Charter: <a href="http://lists.grok.org.uk/full-disclosure-charter.html" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
http://lists.grok.org.uk/full-disclosure-charter.html</a><br>> Hosted and sponsored by Secunia - <a href="http://secunia.com/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://secunia.com/
</a><br>><br><br></span></div><div></div><br>
</div><br>_______________________________________________<br>Full-Disclosure - We believe in it.<br>Charter: <a onclick="return top.js.OpenExtLink(window,event,this)" href="http://lists.grok.org.uk/full-disclosure-charter.html" target="_blank">
http://lists.grok.org.uk/full-disclosure-charter.html</a><br>Hosted and sponsored by Secunia - <a onclick="return top.js.OpenExtLink(window,event,this)" href="http://secunia.com/" target="_blank">http://secunia.com/</a><br>
<br></blockquote></div><br>