RE: Remote Access Banners
From: Bob Radvanovsky (rsradvan_at_unixworks.net)
Date: 07/07/05
- Previous message: Mark: "sniff network traffic on loopback in Windows as a non-Admin user"
- In reply to: Jeff Stebelton: "Remote Access Banners"
- Next in thread: Bob Radvanovsky: "RE: Remote Access Banners"
To: "'Jeff Stebelton'" <jeff.stebelton@gmail.com>, <security-basics@security-focus.com>
Date: Wed, 6 Jul 2005 20:56:14 -0500
Go here: http://www.unixworks.net/papers/wp-007.pdf.
Though there weren't any laws enacted (per se) that *require* that banners
be implemented, just about EVERY federal government system today has a login
or remote banner of some sort.
Essentially, it disclaims the servicing party of whatever they're
disclaiming. The one I liked best was the one that the Naval Medical Center
at Great Lakes, IL had, and I have modified it over the years, with the
approval from 3 legal departments from previous employers that I have worked
for -- it states the following syntax:
!!!!!! W A R N I N G !!!!!!
THIS IS A PRIVATE COMPUTER SYSTEM.
UNAUTHORIZED ACCESS IS STRICTLY PROHIBITED.
This computer system including all related equipment, network devices
(specifically including Internet access), are provided only for authorized
use. All computer systems may be monitored for all lawful purposes,
including to ensure that their use is authorized, for management of the
system, to facilitate protection against unauthorized access, and to verify
security procedures, survivability and operational security. Monitoring
includes active attacks by authorized personnel and their entities to test
or verify the security of the system. During monitoring, information may be
examined, recorded, copied and used for authorized purposes. All information
including personal information, placed on or sent over this system may be
monitored. Uses of this system, authorized or unauthorized, constitute
consent to monitoring of this system. Unauthorized use may subject you to
criminal prosecution. Evidence of any such unauthorized use collected during
monitoring may be used for administrative, criminal or other adverse action.
Use of this system constitutes consent to monitoring for these purposes.
What is the message stated here, and what was not given?
Not given were the following:
(1) No server name is shown.
(2) No functionality of the server is shown (i.e. mail or web server, etc.).
(3) No keywords shown: "welcome", "open", or anything stating openness.
(4) No network address is shown (no IP, no DNS, no nuttin').
(5) No company name or affiliation is shown.
(6) No facility, division, department or otherwise is shown.
(7) No geographic location is shown.
(8) No purpose of the server is shown or provided.
Message states that:
(1) The server is monitored.
(2) No timeframe given as to time, duration, or any specificity is provided.
(3) Nothing stated about who would perform the monitoring, other than it is.
(4) Statement of what could happen if "digitally trespassed".
(5) Purpose of the disclaimer.
(6) No copying of data.
(7) No unauthorized access of server, data, or anything contained therein.
(8) Access is method of acceptance.
(9) Access is method of consent of rules.
Modifications from the original disclaimer:
(1) Second line: "THIS IS A PRIVATE COMPUTER SYSTEM.".
(2) If a publicly accessible system would be stated differently.
-----Original Message-----
From: Jeff Stebelton [mailto:jeff.stebelton@gmail.com]
Sent: Wednesday, July 06, 2005 7:26 AM
To: security-basics@security-focus.com
Subject: Remote Access Banners
Can someone point me to the statutes that govern the need for remote
access warning banners, such as those used on telnet or ftp servers?
Are there any cases where a banner was not used, and consequently an
attacker was not successfully prosecuted or/and got a reduced
sentence?
jeff
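
An added example, not part of the original message: a small banner linter that turns the "Not given" and "Message states that" lists above into automated checks. The regular expressions, the TLD list, the function-of-server keywords and the `site_terms` parameter are assumptions chosen for illustration; the "bad" banner is constructed.

```python
import re

# Things the "Not given" list says a banner should not reveal (patterns are assumptions).
DISCLOSURE = {
    "network address": re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b"),
    "DNS name": re.compile(r"\b(?:[a-z0-9-]+\.)+(?:com|net|org|mil|gov|edu|local)\b", re.I),
    "welcoming keyword": re.compile(r"\b(?:welcome|open)\b", re.I),
    "server function": re.compile(r"\b(?:mail|web|ftp|database)\s+server\b", re.I),
}
# Statements the "Message states that" list says the banner does make.
REQUIRED = {
    "monitoring notice": re.compile(r"\bmonitor(?:ed|ing)\b", re.I),
    "unauthorized access prohibited": re.compile(r"unauthorized\s+(?:access|use)", re.I),
    "use constitutes consent": re.compile(r"constitutes?\s+consent", re.I),
}

def lint_banner(text, site_terms=()):
    """Return sorted findings; an empty list means the banner passes every check."""
    findings = []
    for label, rx in DISCLOSURE.items():
        for m in rx.finditer(text):
            findings.append(f"discloses {label}: {m.group(0)}")
    # site_terms: caller-supplied names (host, company, department, city) that must not appear.
    for term in site_terms:
        if re.search(re.escape(term), text, re.I):
            findings.append(f"discloses site identifier: {term}")
    for label, rx in REQUIRED.items():
        if not rx.search(text):
            findings.append(f"missing {label}")
    return sorted(findings)

# Excerpt of the banner quoted in the message above.
PAGE_BANNER = """THIS IS A PRIVATE COMPUTER SYSTEM.
UNAUTHORIZED ACCESS IS STRICTLY PROHIBITED.
All computer systems may be monitored for all lawful purposes.
Use of this system constitutes consent to monitoring for these purposes."""

# Constructed counter-example; host name, company and address are invented.
BAD_BANNER = """Welcome to mail01.example.com (192.0.2.10)
Example Corp mail server, Chicago data center."""

if __name__ == "__main__":
    for name, banner in (("page", PAGE_BANNER), ("bad", BAD_BANNER)):
        print(name, lint_banner(banner, site_terms=("Example Corp", "Chicago")) or "OK")
```

Run it against the banner text actually served by each service (for example the contents of the file a telnet, ftp or SSH daemon is configured to display) and pass your own host, company and location names as `site_terms`.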