Internet-wide port scans

Jimmy Hess mysidia at gmail.com
Tue Oct 16 23:43:34 UTC 2012


On 10/16/12, Darius Jahandarie <djahandarie at gmail.com> wrote:
> On Tue, Oct 16, 2012 at 12:57 AM, Scott Weeks <surfer at mauigateway.com>
> wrote:
> I always thought it wasn't allowed because of 18 USC § 2701, but
> IINAL, would be happy to hear otherwise :).
18 USC 2701 is not necessarily the only consideration.

I would rather say that there might be a risk of criminal and civil
liability, for all entities intentionally participating in, assisting
as accomplices in, or facilitating as service provider, software
provider, providers of information or operating instructions, etc.,
for anyone conducting or intentionally assisting an unauthorized port
scan of a different ISP's address space, that varies with
jurisdiction, and you should consult your counsel, to determine if
any precautions are appropriate to manage the risk, such as obtaining
proper Letters of authorization from IP address assignees in advance,
or if the responsible entity determines that you must abstain from
the activity entirely, because the risk level is too high.

By definition, a reputable service will not have a policy that you
may execute internet-wide port scans of arbitrary ports that include
IP networks/addresses that are not either assigned to you, your ISP
customer, or that you have specific written permission to scan, as
they will want to manage the risks to themselves properly as well.

Port scans are strongly associated with malicious activity.

And there are other risks of adverse actions, besides legal ones, such
as the service provider's address space becoming widely blacklisted or
becoming depeered.


Before a network service provider offers any kind of service that
permits the SP's services to be used for arbitrary port scans of
other remote networks, they are likely to have taken steps to
protect themselves, by setting some terms of use and policy
restrictions on what conditions and parameters must be met, before a
scan is allowed.




> Darius Jahandarie
--
-JH



