| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 1 Dec 2006 06:52:27 -0600 From: "Dave Moore" <dave.j.moore@...il.com> To: "Mike Huber" <michael.huber@...il.com> Cc: full-disclosure@...ts.grok.org.uk Subject: Re: Nmap Online On 12/1/06, Mike Huber <michael.huber@...il.com> wrote: > first of all, IANAL, but the TOS seem to cover the basics... However, I am > unsure whether they would hold up under strict legal scrutiny. As far as I > can tell, they may hold up under US criminal law, but not under civil law, > as tort law has its own wonderful little eccentricities. The best safeguard > they seem to have is that they must log the source IP of all scan > requests... As far as I know, anyone who takes the time to read the nmap > man page should be able to craft a scan which won't be detected by the > scanned host (can someone be a definitive source on this point?), and anyone > taking malicious action ought to be taking sufficient precautions to avoid > detection anyway. None-the-less, my 8-ball sees litigation in their future. All nmap scans are detectable. All port scans are detectable. Just depends on how hard you're looking. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists