Penetration Testing: RE: New legislation in Australia to make pen-testing illegal?

[Tony Langdon <tlangdon () atctraining com au>]

> Anyone else out there from Australia, or was the internet 
> legislation of '99
> enough to make everyone leave? I'm struggling to understand 
> how these laws
> could passed and enforced - essentially, it may soon be 
> illegal to have
> scanners or hacking tools in your possession, and all 
> passwords and security
> measures must be handed over to the government on request.
Well, that would seem to be a rather short sighted approach.  I know the
Bill was passed in 1999 to enact the new laws (and I was involved in a
couple of rallies to try and make the Government see reason).  I, for one,
believe that administrators like myself need access to tools and port
scanners to be able to test our own systems resistance to attack.  Failure
to do so is failing to live up to our responsibility to the wider Internet
community.

To be honest, I'm not 100% sure what the law ended up saying on the
possession or (legitimate) use of security scanners.  

> Does anyone know if these kinds of measures are enforced 
> anywhere else in
> the world, or has my government just gone nuts?
Well, I'll avoid political discussion on the list, but I saw a distinct lack
of reason and understanding when it all developed in 1999.

--------------------------------------------------------------------------------------

This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service
For more information on SecurityFocus' SIA service which automatically alerts you to 
the latest security vulnerabilities please see:

https://alerts.securityfocus.com/