Legal ramifications!

The legal ramifications of scanning networks are complex and controversial(like with many other laws pertaining to computer security). When using tools like Scapy/Nmap the line between doing something benign and malignant is thin. Always have written permission before scanning a network that you don’t own, know what you are doing, know your jurisdictions and speak to a lawyer!

The general rules for this class are:

“You don’t own it; You don’t scan it!”

  • DO NOT scan any machines at the venue that you don’t have permission to scan.

  • Limit your scanning to the following:

    • The virtual machines provided as part of the labs.
    • scanme.nmap.org
    • egadz.metasploit.com
    • hackme.irongeek.com

(Feel free to do any sort of scan against your VMs but for other public services listed above, limit your scans as much as you can.)