Re: Remote Access Banners

[David Siles <ctowizkid () gmail com>]

Jeff,

I am not a laywer and don't play one on TV, but the banner system does
help your case when an authorized access attempt or successful access
does occur.  It makes it hard to say you weren't warned.

However, on the flip side, accessing a system that you don't own,
control, or have authorized access to is still against tha law and
many state telecommunications acts and laws, the Federal 1996
Telecommunications Ac and its predecessor the 1934 Telecommunications
Act have sections of fraud of telecommunications systems section spell
out the crimes.  They don't state you had to be told in a banner you
shouldn't break the law.

Aside from the various legal statues, many of the best practice guides
such as ISO 17799, NIST guides, and DoD specifications call for them
as good practice.

Dave



On 7/6/05, Jeff Stebelton <jeff.stebelton () gmail com> wrote:
> Can someone point me to the statues that govern the need for remote
> access warning banners, such as those used on telnet or ftp servers?
> Are there any cases where a banner was not used, and consequently an
> attacker was not successfully prosecuted or/and got a reduced
> sentence?
>
>
> jeff