Gentleman, if the DEA can lure drug lords in by having agents out there with
money to buy and drugs to sell, then I don't see what the big deal is with
the whole honeypot theory as far as legal ramifications.

-----Original Message-----
From: Frederico Batista Oliveira [mailto:fbolivstudent.dei.uc.pt]
Sent: Thursday, January 03, 2002 8:58 AM
To: honeypotssecurityfocus.com
Subject: RE: Entrapment and legal issues

On Thu, 3 Jan 2002, Fernando Martins wrote:

> As far as I know, at least here in Portugal, I suppose entrapment at a
> honeypot/net level is not illegal. Anybody else in other european
> countries can say the same?
>

Entrapment doesn't carry illegal issues, apart from a possible privacy
violation. The theory behind a honeypot (and i mean the social theory) is
similar to the common sense behind any hunter/hunted activity. You lure
not a particular person but a stereotype of people into exploring your own
resources so you can collect not only "target information" but statistical
information about how the attacks are put into practice.

This isn't, in my opinion -- i'm not related to law matters in any way --
something that can be considered illegal (it isn't covered by any of the
current portuguese IT-crime-related laws). It would be a good thing,
though, to have a more strict cooperation with law inforcement entities
(or at least legal advisors) in order to clarify some of these situations.
I suppose this shouldn't be that hard in countries in which these issues
are risen easily, like the US, but there's the fact that portugal isn't
"aware" of this kind of incident/situation.

> BTW, in a honeynet where IRC chats are included, do/can honeynets
> capture DCC chats?

As far as i know, due to the nature of direct client connection chats, the
traffic surpasses the irc-network from the time on which the DCC is
accepted and communication starts. Thus, i don't think it is possible to
capture DCC connection traffic unless the traffic does, eventually, end up
passing in the honeypot system (which is highly unusual). But please,
correct me if i'm wrong, since i'm not sure about the time on which
communication leaves the irc-network layer to a private client->client
layer.

>
> F.M.
>

Frederico Oliveira

---------------------------------------------------------------------
To unsubscribe, e-mail: honeypots-unsubscribesecurityfocus.com
For additional commands, e-mail: honeypots-helpsecurityfocus.com
---------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert
(SIA) Service. For more information on SecurityFocus' SIA service
which automatically alerts you to the latest security vulnerabilities.
Please, see: https://alerts.securityfocus.com/

############################################################
This email message is for the sole use of the intended
recipient(s) and may contain confidential and privileged
information. Any unauthorized review, use, disclosure or
distribution is prohibited. If you are not the intended
recipient, please contact the sender by reply email and
destroy all copies of the original message. Any views
expressed in this message are those of the individual
sender, except where the sender specifically states them
to be the views of Intelsat, Ltd. and its subsidiaries.
############################################################

---------------------------------------------------------------------
To unsubscribe, e-mail: honeypots-unsubscribesecurityfocus.com
For additional commands, e-mail: honeypots-helpsecurityfocus.com
---------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert
(SIA) Service. For more information on SecurityFocus' SIA service
which automatically alerts you to the latest security vulnerabilities.
Please, see: https://alerts.securityfocus.com/

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]