Internet-wide port scans

Tue Oct 16 16:23:32 UTC 2012

On Tue, 16 Oct 2012 11:38:52 -0400, Darius Jahandarie said:

> In particular, my understanding was that since you're sending a SYN,
> it could very well initiate access to stored communications (although

What 18 USC 2701 actually says, courtesy of www.law.cornell.edu:

"Offense. - Except as provided in subsection (c) of this section whoever:

(1) intentionally accesses without authorization a facility through which an
electronic communication service is provided; or

(2) intentionally exceeds an authorization to access that facility;

and thereby obtains, alters, or prevents authorized access to a wire or
electronic communication while it is in electronic storage in such system shall
be punished as provided in subsection (b) of this section."

First off, I believe (but don't have citation handy) there's actual case law
that says that a SYN scan doesn't count as "access" (either without or exceeding
authorization).  And that's *stored* communications (in other words, your
mail spool, not mail in-flight).

You're better off chasing 18 USC 2511 (wiretapping, where the bits are in
motion), and of course the 800 pound gorilla would be 18 USC 1030 (Fraud and
related activity in connection with computers).

And I'm pretty sure that an NMAP scan doesn't rise to the definition of
'accessed' for any of those.  Of course, if the answer actually matters, ask a
competent lawyer you've paid for advice. ;)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 865 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20121016/78451ae9/attachment.sig>