[Dshield] Port 135

Jon R. Kibler Jon.Kibler at aset.com
Wed Oct 16 17:43:40 GMT 2002

Believe it or not, in most states this would NOT be considered an illegal act. In fact, I am not aware of any state in which this would be clearly illegal.

I have spent a lot of time in the last 2 years researching various state's computer crime laws and assisting in the rewrite of South Carolina's statutes. Although I am not a lawyer, from what I have learned from various lawyers, this act would most likely be considered legal. Why? Because you have the port open, it is a well known port, you are using the port for one of its intended functions (pop-up messaging), and you have not expressly prohibited access to that port.

I thought that we had covered all the technological exploits when SC's computer crime laws were updated this summer, but this is different enough from any act specified as to be potentially hard to declare illegal under current law. 

If a SC system was so attacked, it could potentially be called it a port scan (which is illegal) or it could be argued that it was an unauthorized attempt to establish contact with the system (defense could easily argue since the port was open, authorized access was implied), or it could be classified as either "misuse of network services" or "unauthorized use" (probably the best approach). However, since the port is open and access is not expressly prohibited, it would be a real stretch to make a case stick against a computer savvy defense attorney.

If anyone has any ideas how to make this activity illegal, or if you know of any states where this activity would currently be considered illegal, I would like to hear your ideas.

Jon R Kibler
A.S.E.T., Inc.
Charleston, SC  USA

Kenton Smith wrote:
> This has got to be illegal. How can someone who is accessing your internal
> network through your firewall, without getting prior permission, be
> operating within the law? I'm no lawyer, but someone who gets hit should
> take the spammer and/or the software vendor to court.
> Kenton Smith
> -----Original Message-----
> From: list-admin at dshield.org [mailto:list-admin at dshield.org]On Behalf Of
> Roger
> Sent: Tuesday, October 15, 2002 4:44 PM
> To: Dshield
> Subject: [Dshield] Port 135
> Getting  suspicious hits on port 135?  This may explain it.  A new breed
> of spam slam.
> http://www.wired.com/news/technology/0,1282,55795,00.html
> _______________________________________________
> Dshield mailing list
> Dshield at dshield.org
> To change your subscription options (or unsubscribe), see: http://www.dshield.org/mailman/listinfo/list

More information about the list mailing list