Home page logo
/

basics logo Security Basics mailing list archives

Re: FTP hack of two web sites
From: "Gaddis, Jeremy L." <jeremy () linuxwiz net>
Date: Sat, 25 Mar 2006 00:07:30 -0500

backdropman1 () yahoo com wrote:
Seeking any advice on what to do or how to proceed on an FTP attack which left me the IP address of the hacker in my 
Logs?
So far I have given the IP address to their ISP but I have no idea what if anything the ISP did.
It would fall under one of these sections od 18 USC

Contact your local law enforcement and, perhaps, the local office of the FBI, if management wishes to pursue that angle (this should have been decided a long time ago, when your incident response plans were created). I'll also assume you haven't "tainted" the evidence so much that it'd get thrown out in court.

18usc1030

This seems to be the most common, assuming the feds take the case. Otherwise, it's subject to your local/state laws.

--
Jeremy L. Gaddis
GCWN, MCP, Linux+, Network+
http://www.jeremygaddis.com/

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations.
http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]