i work for an isp, and what happens is, the website will call us up, and say "a user broke into our server at xx:xx am/pm" we then look at who was logged on at that time, on that ip address, and we can tell their username, and also if they have caller ID like we do, we can tell their phone number. However, we don't give out that info without a court order, because of privacy. But we tell that to the website that was cracked. ----- Original Message ----- From: - To: Cc: Security Basics (E-mail) Sent: Tuesday, July 03, 2001 4:15 AM Subject: tracking rogue dialup users > Greetz. > > Just a matter of interest. > > Say there is user A, he dials up to ISP J. > User A breaks into server X. > Server X has the ip, he contacts the isp.... > How is the user tracked from there on... > > Do servers like CiscoSecure ACS keep track of the ip and the time connected. > The reason I am asking is in my little experience that I had with > CiscoSecure ACS and their radius, I could not find such info on the logs. > Is tacacs perhaps a little better, will it give me more info? Or will this > user just get away with this -- Doubt it though.... > > Any help will be greatly appreciated. > > Ciao Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=11145&t=11145 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]