Re: Remote Access Banners

[ChayoteMu <chayotemu () gmail com>]

"For that reason, it is vital to XX Agency security and legal posture
(no Federal Agency has been successful to date in prosecuting a
perpetrator without the presence of Warning Banners) "
from http://csrc.nist.gov/fasp/FASPDocs/
logaccess-control/ScreenBanner-Paper.doc

This is so well put I'll just copy it.
"Part of the reason for a logon warning banner is to identify your
systems legal restrictions and rules of access. It has been
successfully argued in court that if the system provider did not put
up a warning banner, they had no legal recourse. Especially if, as
many default banners used to be, the banner as "WELCOME". Arguably, an
unsecured AP is a "WELCOME"."
from http://securityfocus.com/comments/articles/9606/28682/threaded

I'm trying to find the actual case, but some time ago there was a
hacker that was let off because the system he hacked said "WELCOME TO"
then the system name and he argued they were welcoming him in. The
idea is without a warning banner the hacker can argue he got in and
didn't know he shouldn't be there. A warning banner blatently says "go
away" and such arguments are therefore invalid right away.

On 7/6/05, Jeff Stebelton <jeff.stebelton () gmail com> wrote:
> Can someone point me to the statues that govern the need for remote
> access warning banners, such as those used on telnet or ftp servers?
> Are there any cases where a banner was not used, and consequently an
> attacker was not successfully prosecuted or/and got a reduced
> sentence?
>
>
> jeff


-- 
ChayoteMu

"To catch a thief, think like a thief. To catch a master thief, be a
master thief."