Re: Logon Banners

From: Led Slinger (leds@darkwater.net)
Date: 03/23/02 

Date: Sat, 23 Mar 2002 02:42:05 -0500
From: "Led Slinger" <leds@darkwater.net>
To: "leon" <leon@inyc.com>, <incidents@securityfocus.com>

I'm not sure that you will find tort or case history concerning the
presence of welcome banners. I could be way off on that one.
Personally, I see them as a means of generating consent to monitoring
and seizure of information in many forms. This is related to ECPA I
believe. There is case history pertaining to banners that provide
information relevant to monitoring. It's implied consent once the
banner is viewed. May be some gray area still, but I believe that's
the general direction of the court systems. Look at 18 USC 2511(2)(d)
and 18 USC 2702(b)(3) abd 2703(c)(1)(B)(iii). A great case history on
this is United States vs. Matlock. Much of this information can be
found in the U.S. DOJ Search and Seizure Guidelines. Bruce Middleton
has a section dedicated to this in CyberCrime Investigator's Field
Notes as well. Excellent book I might add.

Leds!

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi everyone,
>
> There is a thread going on, on the sf-basics list about logon banners
> and legalities. The general consecutions seems to be one of two
> groups of thought; 1) If you put welcome in your logon on banner
> this could make you legally responsible if you are attacked (meaning
> the attacker can say, "well it said welcome".) 2) This is an urban
> legend and not really true.
>
> My question is can anyone provide links showing that there have been
> court cases decided upon this? I found a reference in one of my
> cisco design books but it does not provide links or any other
> cross-reference.
>
> Thx,
>
> Leon

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com