Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
Use a Honeypot, Go to Prison?
Kevin Poulsen, SecurityFocus 2003-04-16

SAN FRANCISCO--Using a honeypot to detect and surveil computer intruders might put you on the working end of federal wiretapping beef, or even get you sued by the next hacker that sticks his nose in the trap, a Justice Department attorney warned Wednesday.

Comments Mode:
Use a Honeypot, Go to Prison? 2003-04-17
Mark Rasch (2 replies)
This revives the old debate about whether you can monitor hacker activity within your own network. I have always thought that there is no problem doing it.. first, if you have express policies on it, it likely is "consent" even if the intruder didnt expressly consent or see the warning. Second, yo...

[ more ]  [ reply ]
Use a Honeypot, Go to Prison? 2003-04-18
Bingo
Completely stupid!!!!!

When a hackern penetrate a network, he risks prison. The purpose of a honeypot is to try to protect an organisation's network.

Soon, configure a firewall is going to be illegal. Indeed, a firewall intercepts communications between to networks and filters packets!!!

Americ...

[ more ]  [ reply ]
Use a Honeypot, Go to Prison? 2003-04-19
Honeypots are for losers anyhow
This is much like the idea of using the DMCA to "protect" exploits and rootkits. I'd like to see the hacker who is willing to announce to everyone that he was caught by a honeypot. Not only will his friends laugh at him, but so will work, family, school and society.

In recent knews HoneyNet Res...

[ more ]  [ reply ]
Use a Honeypot, Go to Prison? 2003-04-17
Shivan (1 replies)
And what about logging then?...

[ more ]  [ reply ]
re: Logging 2003-04-22
Anonymous
This crossed my mind, too. In theory, wouldn't this make general system logs, firewall logs, and the like in violation of federal statute if they inadvertantly end up logging a successful intrusion? I can't fathom who would pass such legislation. This completely boggles my mind. I mean, you may argu...

[ more ]  [ reply ]
Use a Honeypot, Go to Prison? 2003-04-17
Steve K.
I'm all for people having an expectation of privacy, but I think it would be crazy if a honeypot operator went to prison. You shouldn't have to use "warning banners" to let someone know you are monitoring their activities. It should be an expectation that if you are using/hacking someone elses sys...

[ more ]  [ reply ]
Use a Honeypot, Go to Prison? 2003-04-17
Simon Edwards (1 replies)
This is a non-story, don't you think? Someone claims there may be a legal problem, and maybe it is an interesting academic discussion (10 minutes max, prefereably down the pub), but I don't believe that there will ever be a case that makes it to prosecution where someone cracks a system, fails to se...

[ more ]  [ reply ]
Use a Honeypot, Go to Prison? 2003-04-17
Anonymous
*you* can't imagine anyone actually going to court. Those of us who have watched the over-zealous actions of the current Justice Department can easily imagine otherwise. Just look at Ashcroft's application of the DMCA, his attacks on Oregon's "Death With Dignity" Act, or his prosecutions of medical ...

[ more ]  [ reply ]
Use a Honeypot, Go to Prison? 2003-04-17
Anonymous (2 replies)
"But that monitoring is what federal criminal law calls "interception of communications," said Salgado, a felony that carries up to five years in prison."

What's wrong with the US justice system?

You should be able to monitor your own private system, it doesn`t matter the way you use. Are you le...

[ more ]  [ reply ]
Use a Honeypot, Go to Prison? 2003-04-17
Anonymous (1 replies)
Of course you can video tape the thieves that enter your house. You just have to leave out a release for them to sign before they leave!...

[ more ]  [ reply ]
Use a Honeypot, Go to Prison? 2003-04-18
Anonymous (1 replies)
Would I have to get them to sign a release before I shoot them too?...

[ more ]  [ reply ]
Use a Honeypot, Go to Prison? 2003-04-18
Anonymous
In some states it is legal to use lethal force to protect you and/or your property. The honeypot and anything therein is your property and you are only protecting it. The computer is like a child it will only do what it is taught/instructed. You should be able to protect your network....

[ more ]  [ reply ]
Use a Honeypot, Go to Prison? 2003-04-21
slim
I think the entire legal system is a paradox - when the forefathers came to America they were running away from their own governments because they did not wish to be controlled by a body to the extent they were. Unfortunately, we have been abandoning the very spirit the the forefathers of this count...

[ more ]  [ reply ]
Use a Honeypot, Go to Prison? 2003-04-17
Anonymous
'The very purpose of your honeypot is to be attacked... so it's a little odd to say we're doing our monitoring of this computer to prevent it from being attacked.'

Completely wrong. Just another lawyer crap.

The honey pot is a system designed to detect an illegal activities on your systems....

[ more ]  [ reply ]
Use a Honeypot, Go to Prison? 2003-04-17
Lockdown
They touched on my thought in the article of me saying that the Hacker is communicating with the honeypot and the honeypot is just relaying what the hacker told it (through commands) to me. This also works if the Hacker uses the honeypot to connect to other computers, the honeypot is just telling m...

[ more ]  [ reply ]
Use a Honeypot, Go to Prison? 2003-04-17
Anonymous (1 replies)
Assuming that some user/hacker is attempting to use some computer remotely to attack a third party, such a user is implicly not agreeing to being monitored, but he/she should not have a reasonable expectation of privacy. He is committing an an illegal action with no compensating factors. Given the c...

[ more ]  [ reply ]
Use a Honeypot, Go to Prison? 2003-04-17
yumadome (at) hotmail (dot) com [email concealed]
It really scares me when I think of all the laws out there that are only used to protect lawbreakers. I remember when people used to get sued because they set a booby trap on their house and then some poor innocent catburglar got hurt by their booby trap. I just don't get it. This whole arguement is...

[ more ]  [ reply ]
Use a Honeypot, Go to Prison? 2003-04-17
Anonymous
What I find amazing is that the DOJ, isn't taking steps to change the law to explicitly allow private honeypots and other detection methods as a means to detect and prevent hacking.

Isn't the DOJ supposed to be working with the homeland security department to find cybercrimes?

A banner stating...

[ more ]  [ reply ]
Use a Honeypot, Go to Prison? 2003-04-18
Anonymouse
Isn't the honeypot the intended recipient of the (malicious) communications? If it is, you can't really call it intercepting.

Otherwise, the "provider exemption" does seem to apply, I think, since a honeypot is meant to reduce/prevent malicious actions against the rest of the network it is part of....

[ more ]  [ reply ]
Use a Honeypot, Go to Prison? 2003-04-18
Anonymous (1 replies)
In the article Mr. Salgado states

"But that monitoring is what federal criminal law calls "interception of communications," said Salgado, a felony that carries up to five years in prison"

How does this effect IDS systems like SNORT, ISS RealSecure, etc. Those systems are designed to "intercep...

[ more ]  [ reply ]
Use a Honeypot, Go to Prison? 2003-04-21
Lara
Absolutely, this law affects network-based IDSs much more than it affects honeypots, as honeypots are one party of the communication and therefore allowed to log it....

[ more ]  [ reply ]
Use a Honeypot, Go to Prison? yeah right. 2003-04-18
jaymz
dosn't this just make you want to put one out on your network?

there are more laws that protect the bad guys from the general public. it's like 'virtual' gun control policies.

...

[ more ]  [ reply ]
But does it matter? 2003-04-18
batz (1 replies)


The same arguments are currently being mulled by lawyers and bureacrats about IDS and web filtering systems. The arguments are

pedantic and raised by people who have little understanding of culture or technology, and a limited appreciation for the law.

The law, like pretty much everything el...

[ more ]  [ reply ]
Packet sniffing your own network puts you in jeopardy as well. 2003-04-18
Anonymous
If you are looking for illicit traffic on your own network, and intercept a hacker you will be liable by the same laws. Heck any traffic that hits your firewall could fall in the same category of tapping. If you attempt to analyze or capture it for evidence you could go to jail. That?s insane. L...

[ more ]  [ reply ]
Use a Honeypot, Go to Prison? 2003-04-18
Anonymous
I don't understand how you can get into legal trouble for monitoring your own equipment. Just because a hacker connects to a computer under your control, means you can't monitor what he's doing? Why would he have any expectation of privacy / protection? It's your equipment!! You can do whatever ...

[ more ]  [ reply ]
Use a Honeypot, Go to Prison? 2003-04-18
Sectech
I really hope this is a joke. Between this and the "Use a fireall go to jail" crap, it's crazy. Protecting yourself on the net is a right we all have and to take away that right is as good as taking away self defense on the streets. Security is extremely important in todays world and I can't believe...

[ more ]  [ reply ]
Use a Honeypot, Go to Prison? 2003-04-18
JMcDaniel
All right what happened to basic morals. If it doesn't belong to you, don't touch it. If you didn't ask and/or I didn't tell you it's ok, you don't have permission. The default rule is deny. Exception given to possibly to a breach at the border of the domain(maybe). Just in case we're led to be...

[ more ]  [ reply ]
Use a Honeypot, Go to Prison? 2003-04-19
Anonymous
Perhaps DOJ doesn't want NSA to be embarrassed....

[ more ]  [ reply ]
Use a Honeypot, Go to Prison? 2003-04-19
Anonymous
I think the point to take away from all of this is that lawmakers don't know what WE are doing. Because of that they will make broad sweeping laws that just don't sound right to us. Unless we complain to and educate THEM, things like this will continue to happen. Don't just complain, fix it. THAT is...

[ more ]  [ reply ]
Use a Honeypot, Go to Prison? 2003-04-19
Madclicker
I believe you will not go to prison for monitoring your on network. You will never see a case with a hacker sueing the company for proctecting themselves with a honeypot. When you go to a website, you are logged and counted by the server software and it is another way of promoting IDS protection. Yo...

[ more ]  [ reply ]
Use a Honeypot, modify /etc/motd 2003-04-21
Anonymous
> cat /etc/motd

***************************************

* WARNING HAX0R WARNING HAX0R WARNING *

*-------------------------------------*

* This is a honeypot, please DO NOT *

* leave any kind of EXPLOIT, TROJAN, *

* IRClogs, mp3 or nude pics on this *

* box as this material is considere...

[ more ]  [ reply ]
Honeypot vs. poor security configuration 2003-04-21
Tone
The arguments for the hacker in regards to honeypots are just plain silly. When comparing a honeypot to a naive admin's control of a non-honeypot, exposed system there is little difference, especially if the machine is for test or in the state of being utilized for its intended purpose. If the sys...

[ more ]  [ reply ]
Use a Honeypot, Go to Prison? 2003-04-21
Anonymous
This article is so full of sh**. Just an example of someone raising theoretical B.S.. If these are real lawyers, it does say a lot about what is wrong with our legal system. This article is a fine example of trolling....

[ more ]  [ reply ]
Honeypot vs. Automobile 2003-04-21
Anonymous
Does this mean I need a search warrant to view the idiot-lights on my car's dashboard?

And if so, can I get the needed search warrant before the engine locks up?

...

[ more ]  [ reply ]
fbi/cia/nsa scared of honeypots 2003-04-21
Anonymous
maybe the problem with honeypots is that the fbi/cia/nsa

doesn't want to get caught when it is hacking? :)...

[ more ]  [ reply ]
Use a Honeypot, Go to Prison? 2003-04-22
mesmer
so how does this theory apply to ISP's using transparent proxying with logging turned on???

surely that also would count as wiretapping...

...

[ more ]  [ reply ]
Use a Honeypot, Go to Prison? 2003-04-22
skulls and bones
these laws were put here because they have no power on the net, it now longer is a matter of who has the most money. On the internet, power comes form the brain, and there is a lot of people in this county that do not have it, but were born in to power. they are afraid, that a 14 year old know more ...

[ more ]  [ reply ]
Use a Honeypot, Go to Prison? 2003-04-22
Anonymous
"Salgado favors configurations where a hacker is invisibly rerouted to a honeypot after beginning an attack on a production machine."

that, Mr. Salgado, is not a honeypot. It's a firewall or IDS, based on known signatures and, therefore, unable to protect against latest and greatest at hacker's ...

[ more ]  [ reply ]




 

Privacy Statement
Copyright 2009, SecurityFocus