RE: Hackers and gateway systems

[Matt Bruce <Matt.Bruce () alphawest com au>]

Hi all,

AusCERT recommended standard login banners be changed because of this. The
document is AA-93.03 "Suggested Login Banner" from 1993
(http://www.auscert.org.au/Information/Advisories/aus_1993.html). In
summary, it was developed and recommended by the Commonwealth Director of
Public Prosecutions, SERT (now AusCERT, I believe), the University of
Sydney, the University of South Australia, and the Australia Federal Police
because they were of the opinion that removing all welcome-style messages
would "assist in prosecutions of computer crackers".

I vaguely remember media reports around the early 1990s screaming in outrage
at one or more crackers who got off because they argued that the welcome
banner suggested that they were welcome to log in, or to attempt to log in.
It could have been media hype or hypotheticals -- I can't remember. The
Alert doesn't give a reference, legal instance or real example, so I think
it was mostly a pre-emptive strike against computer crime here in Oz. Legal
pro-activity -- something rare, even in this day and age, as I'm sure you'll
agree.

I checked various online legal resources (mainly
http://www.austlii.edu.au/), but was unable to come up with an Australian
case/trial on the matter. Anyone who has the time may like to check various
online legal references for a trial/verdict. I popped an email to AusCERT
asking for references today, but I'll have to wait until they get around to
me. I'll forward any URLs as I get them.

Cya,

-- 
Matt Bruce  <matt.bruce () alphawest com au>
Internet & Security Engineer
AlphaWest - http://www.alphawest.com.au/


> -----Original Message-----
> From: Plymale, Cheryl [mailto:cheryl.Plymale () qwest com]
> Sent: Friday, October 29, 1999 4:14 AM
>
> Does anyone know of a court case where a hacker was exonerated in part
> because of "Welcome"  was displayed on a gateway system?