October 7th, 2004 04:21 AM
My understanding is that login banners warning of legal ramifications are much like the miranda rights, that is they are just assumed and their omission in no way presents a legal loophale for escape.
The reasoning is, many systems that could be compromised run services that don't feature login banners. Login banners are targeted specifically at legit users in environments where it is not practical to have all users acknowledge (via a signature) the applied security policy.
October 7th, 2004 04:46 AM
if you ever have any questions, terms, or technology to lookup, you can try:
tech target's whatis section:
for honeypots & honeynets:
here is the def. for honeypot:
the closest i have come to a honeypot is i played around with specter.
The term you selected is being presented by searchSecurity.com, a TechTarget site for Security professionals.
A honey pot is a computer system on the Internet that is expressly set up to attract and "trap" people who attempt to penetrate other people's computer systems. (This includes the hacker, cracker, and script kiddy.) To set up a honey pot, it is recommended that you:
Install the operating system without patches installed and using typical defaults and options
Make sure that there is no data on the system that cannot safely be destroyed
Add the application that is designed to record the activities of the invader
Maintaining a honey pot is said to require a considerable amount of attention and may offer as its highest value nothing more than a learning experience (that is, you may not catch any hackers).
i didn't get a chance to fully set it up or deloy it - i got side tracked with more important work @ work.
but i do constantly have a machine running ethereal and grabbing packets. hooked up to a roving analysis port on my switches. i usually tell the person that i will be sniffing their traffic. it's a great way to troubleshoot worms et la coming from internal hosts or even other subnets.