On Jun 30, 2008, at 12:54 PM, [EMAIL PROTECTED] wrote:
On Sun, 29 Jun 2008 17:55:53 EDT, "Tuc at T-B-O-H.NET" said:
220 Sending HELO/EHLO constitutes acceptance of this agreement
Even in a UCITA state that has onerous rules regarding shrink-wrapped
EULA terms, I think you'd have a very hard time getting a court to
enforce an alleged contract based on this. And it's different from the
usual suggestion to put "all activity may be monitored" in your
telnet/ssh login banners, because there's an expectation that the human
will look at a login banner when they login, but there's no expectation
that an SMTP server will look at the 220 banner any further than
checking the first digit is a '2' (go read the section on SMTP reply
codes in RFC2821).

Feel free to cite any relevant case law (in fact, even the case law on
login banners read by humans is a tad skimpy - in most cases, it does
nothing for intruders, but it protects you from your own users
complaining their privacy was violated)...
I have found the biggest advantage of banners to be the fact that you
learn to recognize your own devices *before* typing your password...
If you *always* have a banner on *all* of your devices, you quickly
learn to expect them...
For example:
ssh router1.example.net
**************************************************************
* This device belongs to example.net. Don't login if you
* are not supposed to be here... Blah blah blah.
* <><><><><><><><><><><><><><><><><><><><><>
*************************************************************
[EMAIL PROTECTED]'s password:
versus:
ssh router1.exsmple.net
[EMAIL PROTECTED]'s password:
Having a cute, customized banner (not the default from the standard
security templates) helps with this...
W
--
If the bad guys have copies of your MD5 passwords, then you have way
bigger problems than the bad guys having copies of your MD5 passwords.
-- Richard A Steenbergen
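
The point above about SMTP clients acting only on the reply code, as an added example that is not part of the original thread: a parser for RFC 2821 style replies whose proceed/stop decision never consults the banner text. The function names are hypothetical, and the hostname and sample greetings in the test inputs are constructed (only the "Sending HELO/EHLO..." wording comes from the thread).

```python
import re

# One reply line: 3-digit code, then '-' (more lines follow) or ' ' (final
# line), then free text that is meant for humans.
_LINE = re.compile(r"^([2-5][0-9]{2})(?:([ -])(.*))?$")


def parse_reply(raw: bytes):
    """Parse one (possibly multiline) SMTP reply; return (code, text_lines)."""
    lines = raw.decode("ascii", "replace").split("\r\n")
    if lines and lines[-1] == "":
        lines.pop()                      # empty piece after the final CRLF
    if not lines:
        raise ValueError("empty reply")
    code, texts = None, []
    for i, line in enumerate(lines):
        m = _LINE.match(line)
        if not m:
            raise ValueError(f"malformed reply line: {line!r}")
        if code is None:
            code = m.group(1)
        elif m.group(1) != code:
            raise ValueError("reply code changes inside a multiline reply")
        is_last = i == len(lines) - 1
        # '-' must appear on every line except the last, and never on the last.
        if (m.group(2) == "-") == is_last:
            raise ValueError("continuation marker does not match line position")
        texts.append(m.group(3) or "")
    return code, texts


def client_proceeds(raw: bytes) -> bool:
    """Decision a sending MTA makes on the greeting: first digit only."""
    code, _text = parse_reply(raw)       # text is parsed, then never consulted
    return code[0] == "2"
```

A greeting carrying the "agreement" sentence and one without it produce the same decision, which is why the banner text cannot be assumed to have been read by anything.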