Security Incidents: Re: [incident] IIS defacement through FTP, possible DoS

[Patrick Andry <pandry () wolverinefreight ca>]

I would advise against thanking him for defacing your site, even if he 
did do it in a "responsible" fashion.  Even though you have decided not 
to press charges, doesn't mean the next company won't.
This was an act of vigilantism, and it most likely did not reflect well 
on your website.  Had he sent e-mail to all the responsible parties, 
including the webmasters of all the sites hosted, he would have got the 
same results, and placing comments inside the webpage with a note "See 
what I can do?  Fix this!" as a last resort would have been preferable 
to all parties involved.
Iain Craig wrote:

> Just a quick one to say thanks to everyone for their advice and suggestions.
>
> It's awesome to know that you guys are there when it hits the fan!
>
> Have decided that the port scans weren't really the issue here; many people have reported extensive Grim's Ping from 
> similar european broadband sources.
>
> However, I have found my defacer's IRC hangout, and plan on having a chat. I'd like to thank him for being polite (no 
> damage except the defacement - no files deleted from the site, index.html was renamed to orig_index.html!).
>
> Best regards,
> Iain Craig
>
>
> ----------------------------------------------------------------------------
> This list is provided by the SecurityFocus ARIS analyzer service.
> For more information on this free incident handling, management 
> and tracking system please see: http://aris.securityfocus.com


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com