[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] RaQ2 Hacked within 1 day of being online
- Subject: Re: [cobalt-security] RaQ2 Hacked within 1 day of being online
- From: "Kevin D" <kdlists@xxxxxxxxxxxxxxx>
- Date: Wed, 29 Aug 2001 12:01:16 -0400
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
From: "Davide Crudo" <dcrudo@xxxxxxxxxxxxx>
> At that point I've contacted the provider where the login attempts where
> from... (about 5 different providers)... but no-one answered my request
> for information...
>
> How do you usually handle this? where do you find help in tracing hackers?
> do service provider MUST provide you with this kind of information only
> based on our log files?
They only person that providers MUST provide information to is the FBI. In
order to get the FBI involved, I believe you have to be able to prove that
the damage done amounted to a minimum of $5,000. Realistically, though,
unless you have a lot more in damages than that, the FBI won't bother to
pursue it very far.
Your best bet? Fortify your systems as much as possible, and unless the hack
involved serious data loss / compromise, don't waste time pursuing the
hacker. It is polite and good practice to notify system admins that an
attack came from their server, so they can repair any possible compromise to
their own servers. However, don't always expect a "thank you" in response.
Kevin