I am no lawyer either, the way I see it is crackers have absolutely no business in your network. I can't see how you can call it entrapment when they search for the networks or pc's to crack.
It seems to me that it would be analogous to having a wall safe in your house with nothing in it to take the attention away from your stash in your mattress. Either way the intent is the same.
Jim
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of mouss
Sent: Thursday, March 15, 2001 10:42 AM
To: Michael Galloway; Mr. Firewaller
Cc: [EMAIL PROTECTED]
Subject: Re: HoneyPots: "legal or nor legal"
At 09:35 15/03/01 -0500, Michael Galloway wrote:
>Hi Mr.!
>
>from the sans newsletter, might be of some help:
>
> --7 March 2001 Honeypot Ethics
> Some security experts express concern that honeypots, decoy systems
> designed for the express purpose of surreptitiously observing cracker
> behavior, are unethical and perhaps even illegal.
> http://www.wired.com/news/culture/0,1284,42233,00.html
I'm not a lawyer, but I think that:
- It is illegal to harm anyone. Even if he attacks you, you should "call
the police",
(this rule is only valid if this is possible. If you can't, do whatever you
can:)
- If the honeypot doesn't harm the guy, then there is no problem in using
one, but
that doesn't mean you can use it in court. You can only use it to find the
bad guy, but
then you need to get legal proofs via other means.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
