Kevin O'Gilvie wrote:
>
> Apparently over the weekend Poison Box got pass my Pix and overwrote some
> files on the intranet Box and maybe more damage than I know of at this
> Moment. I need help on finding out hjw they got in and how to prevent it
> happeneing in the future. Please help.
>
Contact a professional Incident Response company if you are really
concerned. If you are just curious, you may want to post the
relevant information (logs, times, dates, etc) to the Incident
mailing list that Security Focus maintains.
http://www.securityfocus.com (browse for mailing lists)
Just some advice...(forgive my indulgence of this OT post) don't mess
with the machine that you think has been hacked. Take it offline and
leave it alone. If you have suffered damages and want to take this
to court, that system is evidence and should be treated as such.
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=3457&t=3452
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
