Security Basics mailing list archives
RE: Remote Access Banners
From: "Bob Radvanovsky" <rsradvan () unixworks net>
Date: Wed, 6 Jul 2005 20:56:14 -0500
Go here: http://www.unixworks.net/papers/wp-007.pdf.

Though there weren't any laws enacted (per se) that *require* that banners be implemented, just about EVERY federal government system today has a login or remote banner of some sort. Essentially, it disclaims the servicing party of whatever they're disclaiming. The one I liked best was the one that the Naval Medical Center at Great Lakes, IL had, and I have modified it over the years, with the approval from 3 legal departments from previous employers that I have worked for -- it states the following syntax:

!!!!!! W A R N I N G !!!!!!
THIS IS A PRIVATE COMPUTER SYSTEM.
UNAUTHORIZED ACCESS IS STRICTLY PROHIBITED.

This computer system including all related equipment, network devices (specifically including Internet access), are provided only for authorized use. All computer systems may be monitored for all lawful purposes, including to ensure that their use is authorized, for management of the system, to facilitate protection against unauthorized access, and to verify security procedures, survivability and operational security. Monitoring includes active attacks by authorized personnel and their entities to test or verify the security of the system. During monitoring, information may be examined, recorded, copied and used for authorized purposes. All information including personal information, placed on or sent over this system may be monitored.

Uses of this system, authorized or unauthorized, constitute consent to monitoring of this system. Unauthorized use may subject you to criminal prosecution. Evidence of any such unauthorized use collected during monitoring may be used for administrative, criminal or other adverse action. Use of this system constitutes consent to monitoring for these purposes.

What is the message stated here, and what was not given?

Not given were the following:

(1) No server name is shown.
(2) No functionality of the server is shown (i.e. mail or web server, etc.).
(3) No keywords shown: "welcome", "open", or anything stating openness.
(4) No network address is shown (no IP, no DNS, no nuttin').
(5) No company name or affiliation is shown.
(6) No facility, division, department or otherwise is shown.
(7) No geographic location is shown.
(8) No purpose of the server is shown or provided.

Message states that:

(1) The server is monitored.
(2) No timeframe given as to time, duration, or any specificity is provided.
(3) Nothing stated about who would perform the monitoring, other than it is.
(4) Statement of what could happen if "digitally trespassed".
(5) Purpose of the disclaimer.
(6) No copying of data.
(7) No unauthorized access of server, data, or anything contained therein.
(8) Access is method of acceptance.
(9) Access is method of consent of rules.

Modifications from the original disclaimer:

(1) Second line: "THIS IS A PRIVATE COMPUTER SYSTEM.".
(2) If a publicly accessible system would be stated differently.

-----Original Message-----
From: Jeff Stebelton [mailto:jeff.stebelton () gmail com]
Sent: Wednesday, July 06, 2005 7:26 AM
To: security-basics () security-focus com
Subject: Remote Access Banners

Can someone point me to the statutes that govern the need for remote access warning banners, such as those used on telnet or ftp servers? Are there any cases where a banner was not used, and consequently an attacker was not successfully prosecuted or/and got a reduced sentence?

jeff
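
Added example, not part of the original post or thread: a small Python check that applies the two lists in the reply above ("not given" and "message states that") to a banner before it is deployed. The regular expressions, the function name `audit_banner`, the `org_terms` parameter and the leaky sample banner are assumptions made for illustration.

```python
import re

# Items the post lists as deliberately absent from the banner.
DISCLOSURE_CHECKS = {
    "welcoming keyword": re.compile(r"\b(welcome|open)\b", re.I),
    "IPv4 address": re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b"),
    "DNS name": re.compile(r"\b(?:[a-z0-9-]+\.)+(?:com|net|org|mil|gov|edu)\b", re.I),
    "server function": re.compile(r"\b(mail|web|ftp|file|database)\s+server\b", re.I),
}
# Statements the post says the banner does make.
REQUIRED_CHECKS = {
    "monitoring notice": re.compile(r"\bmonitor(ed|ing)\b", re.I),
    "unauthorized access prohibited": re.compile(r"\bunauthorized (access|use)\b", re.I),
    "use constitutes consent": re.compile(r"\bconstitutes? consent\b", re.I),
    "consequences stated": re.compile(r"\bcriminal prosecution\b|\badverse action\b", re.I),
}

def audit_banner(text, org_terms=()):
    """Return (leaks, missing) for a banner.

    org_terms: caller-supplied names (company, facility, location, host) that
    cannot be detected generically; hypothetical parameter for this example.
    """
    flat = " ".join(text.split())  # undo line wrapping before matching
    leaks = [name for name, rx in DISCLOSURE_CHECKS.items() if rx.search(flat)]
    leaks += [f"site-specific term: {t}" for t in org_terms
              if t.lower() in flat.lower()]
    missing = [name for name, rx in REQUIRED_CHECKS.items() if not rx.search(flat)]
    return leaks, missing

# Excerpt of the banner quoted in the post.
POST_BANNER = """THIS IS A PRIVATE COMPUTER SYSTEM.
UNAUTHORIZED ACCESS IS STRICTLY PROHIBITED.
All computer systems may be monitored for all lawful purposes.
Uses of this system, authorized or unauthorized, constitute consent
to monitoring of this system.
Unauthorized use may subject you to criminal prosecution."""

# Constructed counter-example that breaks the post's checklist.
LEAKY_BANNER = ("Welcome to mail01.example.com (192.0.2.10), "
                "the Example Corp mail server in Chicago.")

if __name__ == "__main__":
    for label, banner in (("post", POST_BANNER), ("leaky", LEAKY_BANNER)):
        leaks, missing = audit_banner(banner, org_terms=("Example Corp", "Chicago"))
        print(label, "leaks:", leaks, "missing:", missing)
```

Pattern matching only catches the generic items; company, facility and location names have to be supplied through `org_terms`, and the wording itself still needs legal review as the post describes.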
Current thread:
- Remote Access Banners Jeff Stebelton (Jul 06)
- RE: Remote Access Banners Bob Radvanovsky (Jul 11)
- RE: Remote Access Banners Bob Radvanovsky (Jul 11)
- Re: Remote Access Banners matt (Jul 11)
- Re: Remote Access Banners David Siles (Jul 11)
- Re: Remote Access Banners Hank (Jul 11)
- Re: Remote Access Banners ChayoteMu (Jul 11)