Mother, May I?, 2008-01-23
However, having not been there, and not having heard the testimony, we kind of have to take the judge's word for what happened between Sierra and Ritz. Among the Court's findings were:
- On February 27, 2005, Ritz connected to Sierra's DNS server, issued a host -l command and obtained a full zone transfer, providing Ritz with the network map showing all of Sierra's private domain names, private host names, and internal non-routable IP addresses.
  Of course, whether or not these domain names were "private" or "internal" is what is in dispute. In fact, recently the German data privacy commissioner stated that individual IP addresses, from which you can determine the Internet browsing activities of a third party, constituted "personal data" subject to the German data privacy laws.
- Ritz issued UNIX commands like host -l, and the SMTP commands helo and vrfy which, according to the court "are not commonly known to the average computer user."
  Well, neither is ctrl-P to print a document -- seriously, the "average" computer user knows very little -- but that doesn't make it unauthorized or suspicious.
- Ritz used proxies and shell accounts to "conceal his identity" and used the names "lewini" and "BOFH" ("Bastard Operator From Hell"), although he denied having used any names other than Ritz.
- Ritz was able to learn the internal DNS structure and host names of Sierra's network. According to the court, "[T]he private host names could not be ascertained from any publicly available source," and it found the use of the host -l command by Ritz to learn information about Sierra's structure was "unauthorized."
- Ritz had engaged in 18 USENET death penalties (UDPs) and sent what the court called "Internet mail bombs." Ritz had hijacked computers of third parties like Verizon, had conducted port scans on computers of third parties and, the court inferred, of Sierra, and had caused damage to Sierra by doing so. It found that Ritz did these things out of malice.
- The court also found that Ritz "engaged in a variety of activities without authorization on the Internet ... includ[ing] port scanning, hijacking computers, and the compilation and publication of Whois lookups without authorization from Network Solutions."
Now anyone can do a Whois lookup, but Network Solutions' terms of use for the database do prohibit such use: "The compilation, repackaging, dissemination or other use of this [whois] Data is expressly prohibited without the prior written consent of Network Solutions."
The Court concluded that Ritz's actions violated the North Dakota Computer Crime Law (pdf), which makes it an offense to "intentionally and ... without authorization gain or attempt to gain access to ... any computer ..." The statute by its terms allows "the owner or lessee of a computer [to] bring a civil action for damages, restitution, and attorney's fees for damages incurred as a result of the violation of this section." The statute also makes "computer trespass" a criminal offense. Like most computer crime statutes, the North Dakota law attempts to define both "computer" and "access" by stating:
"Access" means to approach, instruct, communicate with, store data in, retrieve data from, or otherwise make use of any resources of a computer, computer system, or computer network.
"Computer" means an electronic device which performs work using programmed instruction and which has one or more of the capabilities of storage, logic, arithmetic, communication, or memory and includes all input, output, processing, storage, software, or communication facilities that are connected or related to such a device in a system or network.
So did Ritz make an "unauthorized access" to a "computer" by issuing a command to do a zone transfer? If so, are forensic and computer security examiners at risk in doing what they do every day? To understand this you need to know a bit about the common-law crime, or tort, of trespass and a bit about UNIX.
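As an added example, not part of the original article or the court record: a short Python audit of name-server logs showing how an operator can see which hosts were served or refused a zone transfer, the request that host -l makes. It assumes BIND-style log messages; the log lines, the corp.example zone and the SECONDARIES policy list are constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Assumed operator policy: only these networks host secondary name servers.
SECONDARIES = [ipaddress.ip_network("192.0.2.53/32"), ipaddress.ip_network("10.0.0.0/24")]

# Matches BIND-style zone-transfer log messages (format assumed, not from the page).
XFER = re.compile(
    r"client (?:@0x[0-9a-f]+ )?(?P<ip>[0-9a-fA-F.:]+)#\d+.*?"
    r"(?:transfer of '(?P<zone>[^'/]+)/IN': AXFR started"
    r"|zone transfer '(?P<dzone>[^'/]+)/AXFR/IN' denied)"
)

# Constructed sample log lines (not taken from the case).
SAMPLE_LOG = """\
27-Feb-2005 03:12:01 xfer-out: info: client 192.0.2.53#40211 (corp.example): transfer of 'corp.example/IN': AXFR started
27-Feb-2005 03:14:44 xfer-out: info: client 198.51.100.7#51822 (corp.example): transfer of 'corp.example/IN': AXFR started
27-Feb-2005 03:15:02 security: error: client 203.0.113.9#33110 (corp.example): zone transfer 'corp.example/AXFR/IN' denied
27-Feb-2005 03:15:09 queries: info: client 198.51.100.7#51823 (www.corp.example): query: www.corp.example IN A +
"""

def audit_transfers(log_text, secondaries=SECONDARIES):
    """Classify each AXFR event as 'expected', 'exposed' or 'denied'."""
    findings = defaultdict(list)
    for line in log_text.splitlines():
        m = XFER.search(line)
        if not m:
            continue  # ordinary queries and unrelated messages
        ip = ipaddress.ip_address(m.group("ip"))
        zone = m.group("zone") or m.group("dzone")
        if m.group("dzone"):
            verdict = "denied"    # the server's ACL refused the request
        elif any(ip in net for net in secondaries):
            verdict = "expected"  # served to a listed secondary
        else:
            verdict = "exposed"   # served to a host outside the policy
        findings[verdict].append((str(ip), zone))
    return dict(findings)

if __name__ == "__main__":
    for verdict, events in audit_transfers(SAMPLE_LOG).items():
        for ip, zone in events:
            print(f"{verdict:8} {ip:15} {zone}")
```

An "exposed" entry means the server itself answered the transfer request from a host the operator did not intend to serve, which points to a transfer ACL that is missing or too broad.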
