RE: login banners

From: PJD@portcullis-security.com
Date: Thu Feb 20 2003 - 03:48:13 EST


Hi Patrick

The story you refer to also rang a bell (no pun intended). I think it was
with regard to British Telecom, who, if memory serves, had a contractor
working for them who had access to systems on the network. He looked around
at what else was available to him and found he had access to the
ex-directory phone list, including numbers such as the UK's security
services, the private numbers for Buckingham Palace and many others. He
published his findings to the press; see an article in Computer Weekly, 01
Dec 1994, page 14. BT prosecuted him, but he got off on the basis that the
data was on the system he had access to and there was no notification that
he should not access it unless specifically authorised. I am not a legal
authority, but I guess you could call that a precedent. I believe he still
got prosecuted for disclosing the data under the Data Protection Act, though.
Following that, authorised login banners were born.

Hope this helps.

Paul

 

> ----------
> From: Patrick Kingi[SMTP:Patrick.Kingi@nz.logical.com]
> Sent: 18 February 2003 00:55
> To: pen-test@securityfocus.com
> Subject: login banners
>
> Greetings all,
>
> It has been standard practice to ensure systems ensure their login banners
> warn the users that unauthorised access is not allowed, your activity may
> be logged etc...
>
> A client has asked if there is any evidence that this really matters. I
> heard a story once upon a time that a hacker did not get prosecuted because
> the login banner said something like "Welcome to your friendly neighborhood
> computer". Is this an urban legend?
>
> Does anyone have any evidence that the login banner has been used in court?
>
> Any help would be appreciated.
>
> regards,
> Patrick
