Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Nmap Hackers: Re: nmap illegal to use?

Re: nmap illegal to use?

From: Thomas Reinke <reinke_at_e-softinc.com>
Date: Mon, 11 Jun 2001 00:19:43 -0400

There are some pretty compelling arguments in the paper, and a hell
of a lot of research backing it up.

If you have a legal interest in the issue, I'd suggest taking
a complete read through the paper.

Some of the interesting bits (and please note these are out of
context...you really should read the article located at
http://grove.ufl.edu/~techlaw/vol6/Preston.html)

"COMPUTER FRAUD, ACCESS AND NMAP:
Most American jurisdictions have computer crime laws which include
prohibitions on unauthorized access. ... As a threshold for criminal
liability, "access" proves to be a tremendously porous border."

TRANSLATING "ACCESS" INTO REAL LIFE ON THE INTERNET
"...A court deciding whether to assign liability would first inquire
into what technical measures were used; the court must find the
fences in cyberspace. Next, the court must decide whether the technical
measures were reasonable. The computer owner who failed to
protect against banner-grabbing should not have legal recourse when
banner grabbing identifies his operating system. A computer owner who
used a firewall that prevented port scans but not nmap-type OS
fingerprinting
might establish a strong case for liability against a nmap scanner."

Tom Brays wrote:
>
> Have you seen this one yet? Give me a break!
>
> "The Journal of Technology Law and Policy has a good article on computer security and privacy. If you ignore the more metaphorical crap at the beginning of the article, the author marches through some laws that apply to the Internet and shows how they apply and why his way of deciding what kind of access to a computer breaks the law and what kinds don't is better. (Its based on property and expectations of privacy.) It's interesting to see the computer security from a lawyer's point of view. Especially interesting are his claims that using nmap is illegal, despite the VC3 v. Moulton case."
> --

--------------------------------------------------
For help using this (nmap-hackers) mailing list, send a blank email to
nmap-hackers-help_at_insecure.org . List run by ezmlm-idx (www.ezmlm.org).
Received on Jun 11 2001

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]