Educause Security Discussion mailing list archives
Re: Honeypots - All dried up by Super-DMCA
From: "Bruhn, Mark S." <mbruhn () INDIANA EDU>
Date: Mon, 5 May 2003 08:32:27 -0500
Indeed, this is how we (with Counsel) interpret it, also after consideration of ECPA, and how we came to the conclusion I stated in my other note. M. -- Mark S. Bruhn, CISSP Chief IT Security and Policy Officer Interim Director, Research and Educational Networking Information Sharing and Analysis Center (ren-isac () iu edu) Office of the Vice President for Information Technology and CIO Indiana University 812-855-0326 Incidents involving IU IT resources: it-incident () iu edu Complaints/kudos about OVPIT/UITS services: itombuds () iu edu -----Original Message----- From: David L. Wasley [mailto:david.wasley () UCOP EDU] Sent: Friday, May 02, 2003 11:51 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Honeypots - All dried up by Super-DMCA I'm not a lawyer :-) but the way I read Tim Liston's article, I think it's not clear that the law prohibits distribution or use of LaBrea (although it might provoke legal action and that is really the issue for Tim). What Tim quotes says honeypots would be illegal "without the express consent or express authorization of the communication service provider". If the campus (the communications service provider) specifically approved the use of a honeypot on its network, then it should not be a problem. As for "to conceal or to assist another to conceal from any communication service provider or from any lawful authority the existence or place of origin or destination of any communication" - simply make sure the logs are available to the campus network NOC. What am I missing? David ----- At 10:53 PM -0400 on 5/1/03, Pete Hoffswell wrote:
honeypots are very very cool. I would be weary implementing them at
this time, however.
Unfortunately, because of the DMCA laws, they may be illegal. Reference - Tom Liston, maker of Labrea, has stopped distributing his great
software due to Illinois Super-DMCA laws:
http://www.hackbusters.net/ Slashdot, etc, reports that new Michigan laws has made the development
of honeyd illegal:
http://slashdot.org/articles/03/04/15/1454218.shtml?tid=153 If anyone gets council clearing them to use labrea or honeyd, I would
be very interested.
- Petemorrow.long () YALE EDU 05/01/03 21:25 PM >>>Lance Spitzner article on how 'honeypots' can be effective tools in the information security kit for protecting production nets (as opposed to just research experiments for collecting data): http://www.securityfocus.com/infocus/1690 Morrow ********** Participation and subscription information for this EDUCAUSE Discussion
Group discussion list can be found at http://www.educause.edu/memdir/cg/. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/memdir/cg/. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/memdir/cg/.
Current thread:
- Re: Honeypots - All dried up by Super-DMCA Pete Hoffswell (May 01)
- <Possible follow-ups>
- Re: Honeypots - All dried up by Super-DMCA H. Morrow Long (May 02)
- Re: Honeypots - All dried up by Super-DMCA David L. Wasley (May 02)
- Re: Honeypots - All dried up by Super-DMCA Schmidt, Eric W (May 02)
- Re: Honeypots - All dried up by Super-DMCA Bruhn, Mark S. (May 05)
- Re: Honeypots - All dried up by Super-DMCA Bruhn, Mark S. (May 05)