Re: login banners

From: Bob Radvanovsky (rsradvan@unixworks.net)
Date: Wed Feb 19 2003 - 17:16:27 EST

• Next message: Kevin Spett: "Re: WebInspect"
• Previous message: Vlad G.: "Re: php and netcat?"
• Maybe in reply to: Patrick Kingi: "login banners"
• Next in thread: Ron and Lisa Mehring: "Re: login banners"
• Reply: Ron and Lisa Mehring: "Re: login banners"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

See replies and/or URL posting for additional information.

URL: http://www.theorygroup.com/Archive/Unisog/1999/msg00291.html
      http://www.theorygroup.com/Archive/Unisog/1999/msg00296.html
      http://www.theorygroup.com/Archive/Unisog/1999/msg00298.html

      http://www.theorygroup.com/Archive/Unisog/1999/msg00023.html
(interesting)

>> Reposted:

"From Mercury Center First Edition Tue Oct 12 04:30:08 EDT 1999 Gov. Gray
Davis has vetoed legislation that would have prohibited companies from
secretly monitoring workers' e-mail, computer files and Web surfing.
Privacy advocates denounced the veto as a strike against employee rights.
But Davis said he was protecting the right of employers to control their
workplace.
http://www.mercurycenter.com/svtech/news/indepth/docs/email101299.htm
Meanwhile, companies are tightening the rules governing employee e-mail and
Web surfing.
http://www.mercurycenter.com/svtech/news/breaking/merc/docs/y2k101299.htm
Case law seems to show a pretty consistent trend in siding with employers,
giving them virtually unlimited scope to ensure that their resources are
used appropriately. Having said that, the University of California has
articulated its expectations about privacy (among other things) in its
overall policy on electronic mail. It clearly prizes individual privacy
highly. There are only very specific circumstances under which
non-consensual access to others' email messages is allowed - criminal
activity being one of them. The email policy is now in process of being
generalized to encompass all forms of electronic communication, and will
soon (that's a relative term :-) become the UC Electronic Communication
Policy. For those interested, the UC Email Policy is available at:
http://www.ucop.edu/ucophome/policies/email/ Of course the technology in
its current mainstream state is inherently vulnerable to privacy exposures
- such as when a postmaster must reroute misdelivered email, or the case
Steve mentions where technical staff stumble across porn during the regular
course of their duties. So it seems to me that the policy aspect becomes
even more important... just because it's technically possible to do
something shouldn't automatically mean it is sanctioned. By policy, our
technical staff must maintain confidentiality except in the case where they
do stumble across criminal activity; in that case, another set of policies
take precedence."

>> Reposted.

"go to www.securitymanagement.com ,click on Tech Talk and see article re
Tool Talk: Log-In Banners"

>> Reposted.

And my favorite, SecurityFOCUS: http://online.securityfocus.com/guest/1060

Here we go.... http://www.cybercrime.gov/s&sappendix2002.htm - Look
specifically at Appendix A.

And lastly, here is a *sample* banner provided. ;) It was taken from the
U.S. Navy Great Lakes Medical Center in Waukegan, IL. It has been modified
a little bit, so if you use this banner, you should: (1) check with the IT
manager for USN's GL's M/C data center, and (2) check with your attorney.

Sample banner is as follows:

" -------------
                                 W A R N I N G
                                 -------------

                       THIS IS A PRIVATE COMPUTER SYSTEM.

This computer system including all related equipment, network devices
(specifically including Internet access), are provided only for authorized use.
All computer systems may be monitored for all lawful purposes, including to
ensure that their use is authorized, for management of the system, to
facilitate
protection against unauthorized access, and to verify security procedures,
survivability and operational security. Monitoring includes active attacks by
authorized personnel and their entities to test or verify the security of the
system. During monitoring, information may be examined, recorded, copied and
used for authorized purposes. All information including personal information,
placed on or sent over this system may be monitored. Uses of this system,
authorized or unauthorized, constitutes consent to monitoring of this system.
Unauthorized use may subject you to criminal prosecution. Evidence of any such
unauthorized use collected during monitoring may be used for administrative,
criminal or other adverse action. Use of this system constitutes consent to
monitoring for these purposes."

Once logged in, they should see:

"WARNING: Unauthorized access to this system is forbidden and will be
           prosecuted by law. By accessing this system, you agree that your
           actions may be monitored if unauthorized usage is suspected."

 From my understanding of computer law, dealing with legal aspects
involving either an attempted break-in, or a successful break-in (through
some sort of forensics process), you want to be as *specific* as
possible. The more specific you are to the laws applicable, the better you
are protected.

Mind you, I am not now, nor have I ever been, a representative of any legal
institution, agency, and/or representative thereof. I am not an attorney,
nor do I profess to be an attorney. My advise, if you want to really
protect yourself, is to hire an attorney that specializes in computer law.

And lastly, inset disk into magnet and spin until properly cooked. ;)

My 2 cents worth! Hope this helps!!!

Bob Radvanovsky
rsradvan@unixworks.net

At 01:55 PM 2/18/2003 +1300, you wrote:
>Greetings all,
>
>It has been standard practice to ensure systems ensure their login banners
>warn the users that unauthorised access is not allowed, your activity may be
>logged etc...
>
>A client has asked if there is any evidence that this really matters. I
>heard a story once upon a time that a hacker did not get prosecuted because
>the login banner said something like "Welcome to your friendly neighborhood
>computer". Is this an urban legend?
>
>Does anyone have any evidence that the login banner has been used in court?
>
>Any help would be appreciated.
>
>regards,
>Patrick
>
>
>----------------------------------------------------------------------------
>
>Do you know the base address of the Global Offset Table (GOT) on a Solaris 8
>box?
>CORE IMPACT does.
>www.securityfocus.com/core

----------------------------------------------------------------------------

Do you know the base address of the Global Offset Table (GOT) on a Solaris 8
box?
CORE IMPACT does.
http://www.securityfocus.com/core

• Next message: Kevin Spett: "Re: WebInspect"
• Previous message: Vlad G.: "Re: php and netcat?"
• Maybe in reply to: Patrick Kingi: "login banners"
• Next in thread: Ron and Lisa Mehring: "Re: login banners"
• Reply: Ron and Lisa Mehring: "Re: login banners"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:28 EDT