Re: Cracked; rootkit - entrapment question?

[mfratto () NWC SYR EDU (Mike Fratto)]

At 09:43 AM 3/2/00 -0600, Paul L Schmehl wrote:
> IANAL, but how can it be entrapment?  He has to break in to the machine
> before he gets tracked and logged.  Even if you have a machine that's
> grossly misconfigured and wide open to hacking, that doesn't justify people
> hacking it.
>
> I say set it up, and let the script kiddie indict himself.

The problem is there is no case law nor are there laws on the books
governing honeypots. A good lawyer can conceivably argue that it is an
attractive nuisance, much like your swimming pool. Or that be placing the
honeypot on the network you are asking for attacks. Much like a police
person pretending to be a hooker trying to pick up Johns. There may also be
an issue of timing. If you put the honeypot up to attract your would be
cracker, then you are trying to "trap" them, right?

Yeah, it doesn't make alot of sense, but that seems to be the way the
system works. To the best of my knowledge, port scanning is *not* illegal.
Neither is probing for vulnerabilities. In fact trying to break into a
system is not illegal (strictly speaking). Being successful at breaking
into a system is, however.

mike