Re: FTP hack of two web sites



backdropman1@xxxxxxxxx wrote:
Seeking any advice on what to do or how to proceed on an FTP attack which left me the IP address of the hacker in my Logs?
So far I have given the IP address to their ISP but I have no idea what if anything the ISP did.
It would fall under one of these sections od 18 USC

Contact your local law enforcement and, perhaps, the local office of the FBI, if management wishes to pursue that angle (this should have been decided a long time ago, when your incident response plans were created). I'll also assume you haven't "tainted" the evidence so much that it'd get thrown out in court.

18usc1030

This seems to be the most common, assuming the feds take the case. Otherwise, it's subject to your local/state laws.

--
Jeremy L. Gaddis
GCWN, MCP, Linux+, Network+
http://www.jeremygaddis.com/

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------



Relevant Pages

  • Re: Nimda et.al. versus ISP responsibility
    ... versus ISP responsibility ... > Problem is that one ISP can't go it alone. ... support staff contact the customer and explain the problem. ... For more information on this free incident handling, management ...
    (Incidents)
  • Re: USENET Problems.
    ... I've spent the morning talking with my ISP management, ... They're afraid that if they set up something, and I end up downloading like ... they have no idea how much they're sucking from GigaNews, ...
    (misc.news.internet.discuss)
  • Re: Can a UK Internet Service Provider turn off a companys Internet connection by mistake and not be
    ... the DNS management was left ... The Email server is managed on site and has a backup server it was the loss ... party other than the ISP. ... I'd advise against moving DNS to your new ISP - what's to stop ...
    (uk.legal)
  • FTP hack of two web sites
    ... So far I have given the IP address to their ISP but I have no idea what if anything the ISP did. ... The Norwich University program offers unparalleled Infosec management ... education and the case study affords you unmatched consulting experience. ... Computer Emergency Response Teams, and Digital Investigations. ...
    (Security-Basics)
  • Re: RE: Sorbs.net DNS Blacklist
    ... I worked in the past for one ISP and some of our custommer were hitted by Sorbs list. ... the best way could be a system where ISP block their IP block to deny access to their list. ... education and the case study affords you unmatched consulting experience. ... Computer Emergency Response Teams, and Digital Investigations. ...
    (Security-Basics)