Sounds perfect. Killing two birds with one stone.
- Jason
At 05:13 PM 7/21/99 -0400, Carric Dooley wrote:
>Couldn't you contact the user before hand?
>
>Scenario:
>I call my user from whos account I see some suspicous activity. "Hey,
>there has been some strange stuff going on with your name on it. You may
>have been hacked, we need to change your password and maybe even the
>login". Now, if this is your hacker, my guess is he/she will think, "Holy
>crap, they are watching me. I'll change my password and quit what I'm
>doing before I get into trouble!". If the account was comprimised, my
>guess is Joe Hacker assumed the user has changed his/her password for some
>reason and either a: [stupid hacker] hack the new password and continue
>as he/she was doing and then we can log everything he/she does and
>possibly catch them or b: [smart hacker] he/she goes away suspecting the
>password was changed because the user might think he/she has been hacked.
>
>Thoughts on this?
>
>Carric Dooley
>COM2:Interactive Media
>http://www.com2usa.com
>
>On Tue, 20 Jul 1999, Jason wrote:
>
> > At 11:59 AM 7/20/99 -0400, you wrote:
> > >Just to side-track this thread a little - I just received a call from
> > >someone in California, who said that one of our local dialup Internet
> > >customers was hacking his system! We determined who the customer was, but
> > >the problem is, what should our next step be? There are no local laws
> >
> > What information did he give you to verify that it was indeed a
> > hack attempt ?
> >
> > >regarding hacking. Simply disabling the dialup account might open
> ourselves
> > >up to a lawsuit from the customer, particularly as we are the only
> providers
> > >of Internet service on the island (Grenada, West Indies).
> >
> > You can cancel the account and wait till the customer calls. And
> > explain to the customer that because of abuse of your company's policy
> that
> > his account has been canceled.
> >
> > - Jason
> > -
> > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > "unsubscribe firewalls" in the body of the message.]
> >
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
