RE: Honeypot legal ramifications....

["Polazzo Justin" <Justin.Polazzo () facilities gatech edu>]

I dont know about you guys, but I simply monitor my own systems constantly. I only have snort running inside my tiny 
subnet. I own the wires, computers hubs, etc. I am not barred from monitoring my own systems, including any 
communications to and from them. If hax0rz come-a-knocking and that piques my interest so be it!

You have to either exploit a security flaw or guess/have credentials to gain access to the systems, so no one could use 
the "I thought I was cracking into a public server" excuse. There are no published links to accidentally follow, etc.

I do not see how there could be 4th (or any other) amendment rights violation. This might change if I worked in a 
different department/organization. Generally speaking as long as your  honeypots are on dedicated systems that do not 
offer a service, we shouldn't have worry too much about the public/private debate.

jp

-----Original Message-----
From: Lance Spitzner [mailto:lance () honeynet org]
Sent: Tuesday, June 08, 2004 12:47 PM
To: honeypots () securityfocus com
Subject: Re: Honeypot legal ramifications....


> One recommendation would be to get a better understanding of those 
> issues from a legal authority.  Recently Richard Salgado of the US 
> Department of Justice (CCIPS) wrote a new chapter dedicated to the 
> legal issues of honeynets.  While the book (KYE 2nd edition) will not 
> be announced for another week or two, you can find his chp online now 
> at http://www.honeynet.orb/book/Chp8.pdf.

*sigh*, my spelling skills are simply horrid. The correct URL is

      http://www.honeynet.org/book/Chp8.pdf

Apologies.

lance