William Allen Simpson wrote:
Port scanning is rather common, and shouldn't be considered "attacking" -- unless it's taking a significant amount of bandwidth.
Attempting to gain unauthorised access to a computing system is a crime in most countries. Port scanning is a tool used to gain unauthorised access. (Yes, port scanning can be used for other things, but it's difficult to argue for those when scanning someone else's machines.) A telecommunications carrier releasing a customer's details without their permission, to a non-investigatory third party, without a court order. Hmmm. It's certainly illegal here in Australia. And last I checked wasn't the US firm Hewlett Packard in trouble for hiring people to do just that? So your basic problem is that you have a law enforcement problem, and the law enforcers don't give this priority. Which leads to one of those vicious circle thingies, where the ISPs don't give a stuff about their customers running scans, since they aren't seeing any hassle from Mr Plod, those customers aren't seeing any consequences, and so the amount of scanning increases, to the extent where people believe it is normal and acceptable. Why not contact the FBI. Not because it will help. But because if even 1% of the libraries in the country do that then the FBI will take the path of least resistance, which is to hassle ISPs with enough warrants until the ISPs find it economic to clean up their act, at least with regard to their own customers. -- Glen Turner <http://www.gdt.id.au/~gdt/>