Acceptable Use Policy
NO ILLEGAL, HARMFUL, OR OFFENSIVE USE OR CONTENT
You shall *NOT* use, or encourage, promote, facilitate, or instruct others to use the Web Services, the NetAlly Site, or the Test Tools for any illegal, harmful, fraudulent, infringing, or offensive use, or to transmit, store, display, distribute or otherwise make available content that is illegal, harmful, fraudulent, infringing or offensive. Prohibited activities or content include, but are not limited to, the following:
1. ILLEGAL, HARMFUL OR FRAUDULENT ACTIVITIES. Any activities that are illegal, that violate the rights of others, or that may be harmful to others, Our operations, or Our reputation, including but not limited to disseminating, promoting, or facilitating child pornography, offering, or disseminating fraudulent goods, Web Services, schemes, or promotions, make-money-fast schemes, Ponzi and pyramid schemes, phishing, or pharming;
2. INFRINGING CONTENT. Content that infringes or misappropriates the intellectual property or proprietary rights of others;
3. OFFENSIVE CONTENT. Content that is defamatory, obscene, abusive, invasive of privacy, or otherwise objectionable, including but limited to content that constitutes child pornography, relates to bestiality, or depicts non-consensual sex acts; and/or
4. HARMFUL CONTENT. Content or other computer technology that may damage, interfere with, surreptitiously intercept, or expropriate any system, program, or data, including but not limited to viruses, worms, Trojan horses, Phishing, time bombs, or cancelbots.
NO MALICIOUS ATTACKS
You shall *NOT* use the NetAlly Site, the NetAlly Web Services, nor the Test Tools to perform malicious unauthorized cyber security attacks or other malicious actions, which shall include but not be limited to brute force attacks, username and password auditing attacks, spoofing services or users, exhausting system limits, performing remote command or code execution, memory corruption, file injection, process execution, cross-site scripting attacks, session hijacking, checking for target machines vulnerabilities, attempting to crash services, enumerating users or IDs, performing objection injection, performing privileged execution, poisoning IT resources, exploiting session cookies, forging requests, exploiting Common Vulnerabilities and Exposures (“CVEs”), creating malicious traffic, denial of services attacks (“DoS”) attacks, distributing denial of services (“DDoS”)/smurf-attacks, performing reverse proxy related attacks, exposing or leveraging backdoors, traversing directories or file systems, performing authentication bypass, retrieving configurations or properties, or flooding/exhausting system resources.
NO SECURITY VIOLATIONS
You may *NOT* use the Web Services, the NetAlly Site, nor the Test Tools to violate the security or integrity of any network, computer, or communications system, software application, or network or computing device (each, a “System”). Prohibited activities include, but are not limited to, the following:
1. UNAUTHORIZED ACCESS. Accessing or using any System without permission, including attempting to probe, scan, or test the vulnerability of a System or to breach any security or authentication measures used by a System;
2. INTERCEPTION. Monitoring of data or traffic on a System without permission;
3. UNAUTHORIZED USE OF TEST TOOLS. Unauthorized use of the Test Tools’ results, including but not limited to network security vulnerability assessment data, for purposes of exploitation of security vulnerabilities;
4. UNAUTHORIZED MONITORING. Monitoring of data or traffic on a System without permission; and/or
5. FALSIFICATION OF ORIGIN. Forging TCP-IP packet headers, e-mail headers, or any part of a message describing its origin or route. The legitimate use of aliases and anonymous remailers is not prohibited by this provision.
NO NETWORK ABUSE
You may not make network connections to any users, hosts, or networks unless You have permission to communicate with them. Prohibited activities include, but are not limited to:
1. MONITORING OR CRAWLING. Monitoring or crawling of a System that impairs or disrupts the System being monitored or crawled;
2. DENIAL OF SERVICE. Inundating a target with communications requests so the target either cannot respond to legitimate traffic or responds so slowly that it becomes ineffective;
3. INTENTIONAL INTERFERENCE. Interfering with the proper functioning of any System, including any deliberate attempt to overload a system by mail bombing, news bombing, broadcast attacks, or flooding techniques;
4. OPERATION OF CERTAIN NETWORK WEB SERVICES. Operating network Web Services like open proxies, open mail relays, or open recursive domain name servers; and/or
5. AVOIDING SYSTEM RESTRICTIONS. Using manual or electronic means to avoid any use limitations placed on a System, such as access and storage restrictions; and/or
6. UNAUTHORIZED USE OF TEST TOOLS DATA. Unauthorized use of any NetAlly Test Tool test data, including but not limited to unauthorized port scanning, host discovery, OS detection, service discovery, authentication of credentials or network vulnerabilities attacks.
NO E-MAIL OR OTHER MESSAGE ABUSE
You will not distribute, publish, send, or facilitate the sending of unsolicited mass e-mail or other messages, promotions, advertising, or solicitations (like “spam”), including commercial advertising and informational announcements. You will not alter or obscure mail headers or assume a sender’s identity without the sender’s explicit permission. You will not collect replies to messages sent from another internet service provider if those messages violate this AUP or the acceptable use policy of that provider.
NO PERSONAL INFORMATION OR PERSONAL HEALTH INFORMATION
You agree *NOT* to upload *NOR* provide to Us any Personal Information and/or Personal Health Information, as defined in the applicable Date Protection Act, (collectively “Personal Data”) during Your use of the Web Services, the Test Tools, or via the NetAlly Site. Should You transfer, handle storage, or process Personal Data in conjunction with the Web Services, the Test Tools, or via the NetAlly Site, You (i) shall notify Us immediately; (ii) agree and acknowledge that You are acting as such Personal Data’s “Controller”, as set forth in the applicable Data Protection Acts; and (iii) agree and acknowledge that We may remove such Personal Data and suspend Your access to the Web Services, the Test Tools, or the NetAlly Site, at our election.
“Data Protection Act” means the Health Information Portability and Accountability Act (HIPAA) (29 U.S. Code § 1181, et seq.), Gramm Leach Bliley Act (GLBA) (15 US Code § 1681), General Data Protection Regulation (GDPR) (EU 2016/679), the California Consumer Privacy Act (CCPA) (Title 1.81.5. CA code 2018), and other applicable regulations which seek to protect the processing and storage of personal information.
Further, in the event of a breach of Personal Data attributed to Your actions or inactions in furtherance of Your Use of the Web Services, the Test Tools, or the NetAlly Site in violation of the Data Protection Acts, You hereby covenant that you shall promptly (i) take all necessary steps to curtail such breach; (ii) undertake all necessary actions to mitigate damages; (iii) provide the necessary notification and remediation, as set forth in the applicable Data Protection Act; and (iv) aid and assist Our efforts to do the same, at Your sole cost and expense.
OTHER PROHIBITED ACTIVITIES
In addition to the above prohibitions, You agree *NOT* to use the NetAlly Site, the NetAlly Web Services, nor the NetAlly Test Tools (i) in any application that may involve risks of death, personal injury, severe property damage or environmental damage, or in any life support applications, devices or systems; and (ii) to undertake or facilitate actions or inactions that are malicious in nature, are conducted with the intent to cause harm, would likely cause harm or damage, or for which a reasonable person would foresee causing harm or damage.
OUR MONITORING AND ENFORCEMENT
We reserve the right, but do not assume the obligation, to investigate any violation of this AUP or misuse of the Web Services, Test Tools, or NetAlly, LLC Site. We may:
1. Investigate violations of this AUP or misuse of the Web Services, Test Tools, or NetAlly Site;
2. Remove, disable access to, or modify any content or resource that violates this AUP or any other agreement
We have with You for use of the Web Services, Test Tools, or the NetAlly Site; and/or
3. We may report any activity that We suspect violates any law or regulation to appropriate law enforcement officials, regulators, or other appropriate third parties. Our reporting may include disclosing appropriate customer information. We also may cooperate with appropriate law enforcement agencies, regulators, or other appropriate third parties to help with the investigation and prosecution of illegal conduct by providing network and systems information related to alleged violations of this AUP.
REPORTING OF VIOLATIONS OF THIS AUP
If You become aware of any violation of this AUP, You agree to immediately notify Us and provide Us with assistance, as requested, and to stop or remedy the violation. To report any violation of this AUP, please email us at email@example.com.
Last Update: 24 February 2023