Berkeley Lab Privacy and Security Notice
Parent Policy: Privacy, Monitoring, and Access without Consent
Document #: 10.01.005.002
Berkeley Lab requires notice of monitoring. If your system has external users, follow the instructions below on how to install the abbreviated notice.
Abbreviated Text of Notice
Welcome to Lawrence Berkeley National Laboratory.
Before you begin your work, note that your use of this system constitutes acceptance of our policies. Specifically, you have no expectation of privacy when using this system - any or all uses of this system may be intercepted, monitored, recorded, copied, audited, inspected, and disclosed to authorized University, DOE, and law-enforcement personnel.
In addition, do not use this system to illegally access copyrighted material, access sexually explicit material, or to interfere with the security of this system. You can read our policy on acceptable use at https://commons.lbl.gov/display/rpm2/Acceptable+Use+of+Information+Technology.
This is just a summary of our policies, by clicking "I agree" you agree to the full versions.
You can view the full text at ttp://www.lbl.gov/Disclaimers.html.
Windows and Macintosh
Follow these instructions to install an application that will display the warning banner on system startup:
- Login to using your LDAP credentials
- Under Security Software, click on DOE Security Notice and download the appropriate package
- Uncompress the downloaded file
- For Windows, unzip and read the readme file for instructions
- For macs, double click to install
Include a link to the "Privacy and Security Notice" at http://www.lbl.gov/Disclaimers.html on each webpage. The link can be in the header, footer or anywhere on the page.
The banners for Unix machines depend on the particular vendor and service. For many recent systems (Sun, Linux), creating the file /etc/issue containing the banner text causes the banner text to be displayed before the console login and before all interactive logins such as telnet, rsh, and rlogin.
Linux systems use two such files, /etc/issue for console logins and /etc/issue.net for telnet logins, so be sure to place the banner text in both.For other systems and for services that do not respond to the /etc/issue file, put the banner text in the file /etc/motd.
The contents of this file are displayed by the global /etc/.login and the /etc/profile files, depending on which shell you start (sh or csh), immediately after a successful login. Displaying the /etc/motd file immediately after login is also an option for the Secure Shell daemon (sshd) and is set in the /usr/local/etc/sshd_config file.
Some versions of the FTP service have been modified to display after login the contents of the file .login_message found in the root directory of the FTP tree or in the users home directory. You will have to try this to see if it works. If it does not work, you must put a file named NOTICE_TO_USERS containing the warning text into the root directory of the anonymous ftp tree and the file or a link to the file into each user's home directory.
For machines that do not use these methods for displaying banners, consult the man pages for each service to see if there is a banner mechanism available.
IMPORTANT NOTE: If you remove a service from a Unix machine, your machine will be more secure and you will not have to worry about placing a banner on that service. If you have open services that you do not need simply remove them.