|
Full Disclosure
mailing list archives
Re: scanning
From: Valdis.Kletnieks () vt edu
Date: Fri, 02 Jun 2006 12:31:48 -0400
On Fri, 02 Jun 2006 17:05:26 +0200, =?windows-1252?Q?Marcos_Ag=FCero?= said:
ad () heapoverflow com escribió:
That is why the definition of damage is so important. If there is no
impairment to the integrity and availability of the network, then there
is no crime.
So, It's seems that portscanning is not a crime but, what if I scan a
network and sell/trade/lend the results to some guy that will cause that
impairment to the network? Is it a crime to sell such information?
At least in the US, it's a slam dunk, and one of the primary ways that
hackers get taken down (quite possibly as many as under 1030(a)(5) which
covers actually hacking in yourself).
18 USC 1030 (a)(6):
(6) knowingly and with intent to defraud traffics (as defined in section 1029) in any password or similar information
through which a computer may be accessed without authorization, if:
(A) such trafficking affects interstate or foreign commerce; or
(B) such computer is used by or for the Government of the United States; [1]
"passwords or similar information". If it's info that lets the guy hack in,
like "the box is vulernable to MS06-229", you're probably in trouble. There's
more than a few script kiddies now walking around with a criminal record
because they got caught copying files of Windows password hashes around so they
could run a password cracker on them.
Attachment:
_bin
Description:
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
- Re: scanning, (continued)
Re: Fw: scanning Lawrence Tang (Jun 02)
Re: scanning 0x80 (Jun 02)
Re: scanning schanulleke . 29172787 (Jun 12)
| 
Intro
