Re: Logon Banners

["Led Slinger" <leds () darkwater net>]

I'm not sure that you will find tort or case history concerning the 
presence of welcome banners.  I could be way off on that one.  
Personally, I see them as a means of generating consent to monitoring 
and seizure of information in many forms.  This is related to ECPA I 
believe.  There is case history pertaining to banners that provide 
information relevant to monitoring.  It's implied consent once the 
banner is viewed.  May be some gray area still, but I believe that's 
the general direction of the court systems.  Look at 18 USC 2511(2)(d) 
and 18 USC 2702(b)(3) abd 2703(c)(1)(B)(iii).  A great case history on 
this is United States vs. Matlock.  Much of this information can be 
found in the U.S. DOJ Search and Seizure Guidelines.  Bruce Middleton 
has a section dedicated to this in CyberCrime Investigator's Field 
Notes as well.  Excellent book I might add.

Leds!


> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi everyone,
>
> There is a thread going on, on the sf-basics list about logon banners
> and legalities.  The general consecutions seems to be one of two
> groups of thought;  1)  If you put welcome in your logon on banner
> this could make you legally responsible if you are attacked (meaning
> the attacker can say, "well it said welcome".)  2)  This is an urban
> legend and not really true.
>
> My question is can anyone provide links showing that there have been
> court cases decided upon this?  I found a reference in one of my
> cisco design books but it does not provide links or any other
> cross-reference.
>
> Thx,
>
> Leon


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com