Re: ICMP mapping, questioning legality!!

[David Knapp <dknapp () CALPOLY EDU>]

I had the same question - is port scanning legal in California?  I was
told that it is in fact illegal - see California Penal Code section
502(2)(c) - i believe for the specific wording.

http://www.csupomona.edu/~iit/policy/penalcode_502.shtml here is an
example, and if you search google for California penal code 502, you
are sure to find links to almost every state college in California -
they quote that section as justification for a number of Campus
policies.


I have had discussions about this with our Campus Police, as well as
independant legal counsel.  They both said it is illegal and referred
me to 502(2)(c).  However, neither could cite any court cases nor could
they recall anyone even going to court for port scanning.

If anyone has any further info about port scanning in California, I
would be glad to hear it.

tia


dbk
dknapp () calpoly edu


> -----Original Message-----
> From: root [mailto:root () rgfsparc cr usgs gov]
> Sent: Tuesday, September 12, 2000 10:03 AM
> To: INCIDENTS
> Cc: root
> Subject: Re: ICMP mapping, questioning legality!!
>
>
> > A couple of days ago our snort detected a NMAP ping to all
> our public IPS.
> > Are they doing anything wrong legalwise? How can i go about it?
>
> That's going to depend on the laws of the country you're in,
> and of the country
> of origin.  In the US, port scanning is for the most part
> legal, although
> generally frowned upon.  The best thing I can suggest is
> simply to block them at
> your firewall.  If they're just doing a general sweep of the
> Internet, they
> probably won't bother you again, anyway.
>
> Cheers,
>
> RGF
>
> Robert G. Ferrell, CISSP
> Information Systems Security Officer
> National Business Center
> U. S. Dept. of the Interior
> Robert_G_Ferrell () nbc gov
> ========================================
>  Who goeth without humor goeth unarmed.
> ========================================