Write review about this article with references.
I agree with the SANS Institute that the ethical nature of scanning is not clear-cut or black and white. The SANS Institute states, "While scanning is widely held to be a malicious activity, professionals use the technique regularly to diagnose network problems and to detect vulnerabilities on their own network.
The legitimacy of a port scan is often determined by the circumstances surrounding the incident in an attempt to establish intent," (Jamieson, 2001). This of course leaves a great many grey areas that can be found between the black and white areas. The consequences from being caught scanning hosts on a network can range from a slap on the wrist to being fired for perceived misconduct. The SANS Institute states, "The evaluation of the intent behind a scan is at best an imperfect science.
This makes dealing with scanning in policies difficult and creating laws regarding it nearly impossible," (Jamieson, 2001). Behavior deemed unethical, of course, gets the heavier repercussions and depending on the scope of the intent could have a higher range of consequences, from being fired to doing jail time.
There are many biblical points that can be made about a person who might consider when weighing the pros and cons of a potentially hazardous scan. First we have to remember what Colossians tells us, "Whatever you do, work heartily, as for the Lord and not for men," (Colossians 3:23, ESV). If the scan is necessary and there is a question as to there being a vulnerability then maybe the proper starting point is bring it up to those in charge of managing the system before taking matters into one's own hands.
Another verse I like is in Proverbs, "Whoever conceals his transgressions will not prosper, but he who confesses and forsakes them will obtain mercy," (Proverbs 28:13, ESV) which I feel fits since running scans without permission from the company or at least the IT department could seem a bit shady and if a person then found a vulnerability she would be required to make the decision to take that information now to the company or IT department since that is the right thing to do or go down the path of a not so ethical hacker and thus "not prosper."
To further drive this point home, since we hope for the best in people and we ourselves are learning more about and how to be ethical hackers, another Proverbs verse that pertains to us and reminds us to be our best says, "Better is a poor man who walks in his integrity than a rich man who is crooked in his ways," (Proverbs 28:6, ESV). We have to ask ourselves what is our integrity worth and understand our integrity is priceless.
My father likes to say it is better to be safe than sorry and I am an advocate for prepare for the worst and pray for the best. These put in my mind to take all the precautions to help keep my family and me safe by not doing anything that might jeopardize that. Jamieson, S. (2001). The Ethics and Legality of Port Scanning.