Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: scanning

From: "GroundZero Security" <fd () g-0 org>
Date: Mon, 12 Jun 2006 11:58:37 +0200
When you say that by running a portscan you "dossed" a whole network
then i would say either you are crazy or your portscanner is seriously broken lol
I have been doing pen-tests since 1998 and never ever dossed a whole Network
by accident, especially not with a simple portscan. 

-sk
----- Original Message ----- 
From: <schanulleke.29172787 () bloglines com>
To: <Valdis.Kletnieks () vt edu>
Cc: <full-disclosure () lists grok org uk>
Sent: Monday, June 12, 2006 11:23 AM
Subject: Re: [Full-disclosure] scanning



--- Valdis.Kletnieks () vt edu wrote:

What's this mean? It means that if you

scan some lame-ass system and it

crashes as a result, you might be in deep

shit.  And "it shouldn't have

crashed from a portscan" does *not* hold

up in court.

Having done pen-testing in the past I have disabled (dos-ed)
systems and entire networks with a portscan.

My employer would never let
me do any work withaout a prior written agreement.

However, law is highly
fluctuate over time and from country to country. Dutch law recently changed.
In the past you had to have broken a security barrier in order to be accused
of hacking, now it has changed to "with the intent to  do harm".

Is it
illegal? Not enough data to compute / that is one for the lawers...
Is it
unwise? Probably...
Will you get cought/sued? Unlikely...
Would I bother
to sue you? No...

Schanulleke

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: