I think it is fairly simple regarding corporations at least.
You are fully entitld to set up a device such as a honey pot. It is merely a form of surveillance that requires a bad guy to actively do something they are not allowed to do.
If you wanted to make it useful for legal purposes you should probably put all sorts of disclaimers on it so that if someone were to telnet in they would get a message telling about all the bad things that happen to unauthorized users.
Damaging countermeasures are, even in the most extreme cases, dubious and usually illegal. If your company got a mail bomb from a certain address you would NOT be entitled to go to that house and blow it up.
-----Original Message-----
From: Ng, Kenneth (US) [mailto:[EMAIL PROTECTED]]
Sent: Thursday, March 15, 2001 2:25 PM
To: 'Len Conrad'; [EMAIL PROTECTED]
Subject: RE: HoneyPots: "legal or nor legal"
Personally I think it depends on how people find the machine. If they see
advertisements for the machine (come check out this new site/service), I
think entrappment could be argued. But, if they found the machine by
sweeping all of IP from 1.1.1.1 to 255.255.255.254, then entrappment is a
lot harder to argue. Note: I am not a lawyer, nor do I play one on TV.
-----Original Message-----
From: Len Conrad [mailto:[EMAIL PROTECTED]]
Sent: Thursday, March 15, 2001 1:24 PM
To: [EMAIL PROTECTED]
Subject: RE: HoneyPots: "legal or nor legal"
>I am no lawyer either, the way I see it is crackers have absolutely
>no business in your network. I can't see how you can call it
>entrapment when they search for the networks or pc's to crack.
a recent article:
http://www.wired.com/news/culture/0,1284,42233,00.html
Len
http://MenAndMice.com/DNS-training : DNS training for USA and
Europe
http://BIND8NT.MEIway.com : Binary for ISC BIND 8.2.3 for NT4 & W2K
http://IMGate.MEIway.com : Build free, hi-perf, anti-spam mail gateways
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
*****************************************************************************
The information in this email is confidential and may be legally privileged.
It is intended solely for the addressee. Access to this email by anyone else
is unauthorized.
If you are not the intended recipient, any disclosure, copying, distribution
or any action taken or omitted to be taken in reliance on it, is prohibited
and may be unlawful. When addressed to our clients any opinions or advice
contained in this email are subject to the terms and conditions expressed in
the governing KPMG client engagement letter.
*****************************************************************************
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
