Netstumbling and US Law

George Toft plug-discuss@lists.plug.phoenix.az.us
Wed, 28 Aug 2002 20:02:25 -0400


Victor Odhner wrote:
> 
> George Toft wrote:
> 
>  CISSP Wannabe asks: As I read the Electronic Communications
>  Privacy Act of 1986, the intentional reception, recording,
>  decoding, and decryption of wired and wireless electronic
>  systems is illegal.  Therefore, typing snoop, tcpdump, or
>  ethereal on a system (for purposes other than troubleshooting)
>  is illegal.  Furthermore, it would appear that netstumbling
>  and wardriving is also illegal.
> 
>  Can someone disprove me?
>  Regards,
>  George
> 
> I had not heard the term "netstumbling" before.
> Here is a message purportedly from an FBI agent that says
> there are several potential violations at least implied
> in this activity:
>  http://www.netstumbler.com/article.php?sid=391
> Accompanying comments suggest some legitimate uses of
> scanning for networks.
> 
> An ISP sysadmin (who described himself as "anal about
> security") said recently that browsing outside your home
> directory on an ISP system (e.g. in the /etc directory)
> was definitely illegal.  He mentioned no specific law.
> 
> Vic
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change  you mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

He's right.  The implication of "illegal" refers to criminal law, and in
actuality, it would be contract law (violation of contract not to do
that).

If he was that anal, he should reconfigure the FTP server to prevent
that activity, and chroot the remote logins.

George

-- 
              Irrefutable fact about projects: You can have 
                it Quick, Cheap, or Right - pick any two.
What does that tell you if your project is ahead of schedule and under
budget?