Re: RE: legality of sacrificial host to prosecute

[JohnNicholson () aol com (JohnNicholson () aol com)]

In a message dated 10/12/1999 6:40:52 AM Eastern Daylight Time, 
chunt () ikon com writes:

> And yet on another tangent, you can't bust someone for trying to hack a
>  virtual subnet.  (Try proving the damage done to an entity that doesn't
>  exist).
>  

You make a valid point here, but you're mixing legal concepts. One concept is 
the criminal action of breaking & entering (hacking into the network) which 
is illegal regardless of whether the burglar takes anything or does any 
damage; the other is the civil concept of damage.  

Regardless of whether a hacker does any damage to the honeypot, the hacker 
can be prosecuted by the government for the illegal act of hacking into the 
honeypot. If the hacker ran riot in your honeypot and trashed all of your 
data, you might have a tough time suing the hacker for damages because the 
information he trashed was worthless.

significant are:

1) A honeypot is not entrapment.** You can use a honeypot and still prosecute 
the hacker who breaks into it.  It is important to mark that area of your 
network with all of the same banners and privacy warnings as the rest of your 
network.

2) Any information you put on a honeypot should be approved by the company 
general counsel's office. False information which is stolen out of your 
honeypot could still cause problems or embarassment for your company if made 
public.

** Note: This statement only applies to US law in general and does not mean 
that some judge who can barely turn on his PC will not completely 
misunderstand the concepts involved.

John