Nmap Announce mailing list archives

Previous By Date Next
Previous By Thread Next

RE: publicly available resources and the law

From: "Meritt, Jim" <Jim.Meritt () wang com>
Date: Tue, 23 Feb 1999 09:16:47 -0500
That would be some interesting judgements.  Consider:  The big "hacker" (I
hate that term) flail concerning DISA satellite configuration information
last year was accessed from an anonymous ftp server.  The law is written
such that "due diligence" must be taken by the information owners for any
legal persecution.  I would suspect unknowing misconfiguration (where
actuality and intentions do not match) will throw a monkeywrench into the
problem.

Comments?
_______________________
The opinions expressed above are my own.  The facts simply are and belong to
none. - The Red Queen rules!
James W. Meritt, CISSP

Senior Security Systems Engineer at Wang Global


----------
From:         HD Moore[SMTP:hdmoore () usa net]
Sent:         Tuesday, February 23, 1999 3:17 AM
To:   nmap-hackers () insecure org
Subject:      publicly available resources and the law


Along these lines, I was wondering what the legal status of accessing
FTP servers with anonmyous logins, wide open NFS exports, or NetBIOS
shares.  There needs to be some clarification of what is considered
public access and what is simply misconfiguration.  Anyone have
something to contribute about what is actually legal to access and what
is invasion?  Is any resource that can be accessed without special
authorization considered public access in the terms of the law?
Previous By Date Next
Previous By Thread Next

Current thread: