Re: FTP hack of two web sites



backdropman1@xxxxxxxxx wrote:
Seeking any advice on what to do or how to proceed on an FTP attack which left me the IP address of the hacker in my Logs?
So far I have given the IP address to their ISP but I have no idea what if anything the ISP did.
It would fall under one of these sections od 18 USC

Contact your local law enforcement and, perhaps, the local office of the FBI, if management wishes to pursue that angle (this should have been decided a long time ago, when your incident response plans were created). I'll also assume you haven't "tainted" the evidence so much that it'd get thrown out in court.

18usc1030

This seems to be the most common, assuming the feds take the case. Otherwise, it's subject to your local/state laws.

--
Jeremy L. Gaddis
GCWN, MCP, Linux+, Network+
http://www.jeremygaddis.com/

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------