Security Incidents mailing list archives

Re: Logon Banners

From: Chris Ricker <kaboom () gatech edu>
Date: Sat, 23 Mar 2002 00:04:08 -0700 (MST)

On Sat, 23 Mar 2002, leon wrote:

There is a thread going on, on the sf-basics list about logon banners and
legalities.  The general consecutions seems to be one of two groups of
thought;  1)  If you put welcome in your logon on banner this could make
you legally responsible if you are attacked (meaning the attacker can say,
"well it said welcome".)  2)  This is an urban legend and not really true.

My question is can anyone provide links showing that there have been court
cases decided upon this?  I found a reference in one of my cisco design
books but it does not provide links or any other cross-reference.



You don't make it clear which country's court cases you're interested in, 
but 
<http://www.attrition.org/security/advisory/auscert/AA-93.03.Suggested.Login.Banner> 
references a case in New Zealand.  

<http://www.fcw.com/fcw/articles/2000/0814/cov-law-08-14-00.asp>
offers similar information about US court cases which have hinged on banner 
statements (though the issues involved in those cases were monitoring of 
users vs. prohibitions against unreasonable search and seizure, not 
welcoming / not welcoming external crackers).

CERT Advisory 92:19 (I think -- my handwriting's a little blurred ;-) covers
much the same ground (again, US law about banner statements vs unreasonable
search and seizure).

The latter are actually more relevant than warnings to outside crackers, 
since most security breaches are internal....

At any rate, if you want specific court cases, you'll probably want to take
this over to LACC (lacc () suburbia net), where the people who actually know
that sort of thing hang out.  It's primarily US-centric (even though it's
hosted in Australia), so hopefully that's what you're after....  See
<http://www.cultural.com/web/security/mailing.lists/lacc.html> for all the
gory details.  I'm not sure if it's still active -- I've not read it in a
few years.

later,
chris


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Current thread:

Logon Banners leon (Mar 22)
- Re: Logon Banners Chris Ricker (Mar 23)
- Re: Logon Banners Hugo van der Kooij (Mar 23)
- Re: Logon Banners Chris Wilson (Mar 23)
- <Possible follow-ups>
- Re: Logon Banners Led Slinger (Mar 23)
- RE: Logon Banners Rohrer, Mark E (Mar 23)