Security Basics mailing list archives

Re: compromised network

From: "Meritt James" <meritt_james () bah com>
Date: Mon, 29 Dec 2003 15:12:47 -0500

In general, yes.  But it depends on who "you" is (consult corporation
notification policy and incident response procedures - you DO have them,
don't you?) and which authorities (different authorities have different
area or responsibilities) and what is meant by 'alert' (forensic
evidence?  What do you tell them so you will not evoke a "yeah?  So?")

Jim

Francisco Mário Ferreira Custódio wrote:


Hello Dana.

All questions make sense!

If your network has been compromised, you should alert the authorities.
----------------------------------------------------------------------------


-- 
James W. Meritt CISSP, CISA
Booz | Allen | Hamilton
phone: (410) 684-6566

---------------------------------------------------------------------------
----------------------------------------------------------------------------

Current thread:

RE: compromised network, (continued)
- - - RE: compromised network Yvan Boily (Dec 31)
- RE: compromised network Glenn Pearl (Dec 29)
  - Re: compromised network erisk (Dec 30)
    - Re: compromised network Jason Coombs (Dec 31)
    - Re: compromised network Meritt James (Dec 31)
- Re: compromised network Lard van den Berg (Dec 30)
- Re: compromised network Christos Gioran (Dec 30)
- RE: compromised network JM (Dec 30)
- Re: compromised network DT - Paulo Santos (Dec 30)
- RE: compromised network Francisco Mário Ferreira Custódio (Dec 29)
  - Re: compromised network Meritt James (Dec 29)
- RE: compromised network Angus (Dec 29)
- Re: compromised network jamesworld (Dec 30)
- Re: compromised network H Carvey (Dec 31)