Re: Logon Banners

From: Chris Ricker (kaboomat_private)
Date: Fri Mar 22 2002 - 23:04:08 PST

Next message: Led Slinger: "Re: Logon Banners"

Previous message: leon: "Logon Banners"
In reply to: leon: "Logon Banners"
Next in thread: Led Slinger: "Re: Logon Banners"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, 23 Mar 2002, leon wrote:

> There is a thread going on, on the sf-basics list about logon banners and
> legalities.  The general consecutions seems to be one of two groups of
> thought;  1)  If you put welcome in your logon on banner this could make
> you legally responsible if you are attacked (meaning the attacker can say,
> "well it said welcome".)  2)  This is an urban legend and not really true.
>
> My question is can anyone provide links showing that there have been court
> cases decided upon this?  I found a reference in one of my cisco design
> books but it does not provide links or any other cross-reference.

You don't make it clear which country's court cases you're interested in, 
but 
<http://www.attrition.org/security/advisory/auscert/AA-93.03.Suggested.Login.Banner> 
references a case in New Zealand.  

<http://www.fcw.com/fcw/articles/2000/0814/cov-law-08-14-00.asp>
offers similar information about US court cases which have hinged on banner 
statements (though the issues involved in those cases were monitoring of 
users vs. prohibitions against unreasonable search and seizure, not 
welcoming / not welcoming external crackers).

CERT Advisory 92:19 (I think -- my handwriting's a little blurred ;-) covers
much the same ground (again, US law about banner statements vs unreasonable
search and seizure).

The latter are actually more relevant than warnings to outside crackers, 
since most security breaches are internal....

At any rate, if you want specific court cases, you'll probably want to take
this over to LACC (laccat_private), where the people who actually know
that sort of thing hang out.  It's primarily US-centric (even though it's
hosted in Australia), so hopefully that's what you're after....  See
<http://www.cultural.com/web/security/mailing.lists/lacc.html> for all the
gory details.  I'm not sure if it's still active -- I've not read it in a
few years.

later,
chris

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Next message: Led Slinger: "Re: Logon Banners"
Previous message: leon: "Logon Banners"
In reply to: leon: "Logon Banners"
Next in thread: Led Slinger: "Re: Logon Banners"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sat Mar 23 2002 - 19:38:02 PST