[ISN] FBI Shutters Web Host

From: InfoSec News (isn@private)
Date: Mon Feb 23 2004 - 09:15:38 PST

  • Next message: InfoSec News: "[ISN] EEYE: ZoneLabs SMTP Processing Buffer Overflow"

    Forwarded from: William Knowles <wk@private>
    
    http://www.carrierhotels.com/news/2004/Feb/19/fbi_shutters_web_host.shtml
    
    By Rich Miller
    Carrier Hotels Editor
    Posted Feb 19, 2004
    
    If FBI agents showed up at your data center bearing a warrant, would 
    you be able to provide them prompt access to customer data? How long 
    would it take? 
    
    That's an important question in the wake of an FBI raid of Columbus, 
    Ohio hosting company CIT Hosting last Saturday. Federal agents wound 
    up shutting down the entire operation, seizing all the company's web 
    servers and all customer data as part of its investigation of a 
    hacking incident. 
    
    CIT Hosting, also known as FooNet, markets itself as "the leader in 
    the IRC and DDoS protection business for the last 5 years." The 
    company posted a web page informing customers that its data center was 
    shut down, and instructing customers to contact the FBI if they needed 
    access to their files.
    
    "The FBI executed a search warrant issued by the United States 
    District Court for the Southern District of Ohio regarding the IRC 
    network that we host," the company said in its statement.
    
    IRC (Internet Relay Chat) is a live chat system that allows users to 
    create private discussion rooms. While IRC has a lengthy history of 
    legitimate use, it is also a medium for discreet communication between 
    hackers. CIT said the FBI was "investigating whether someone hosted on 
    our network hacked and attacked someone else."
    
    "After several hours of attempting to track down, inspect and audit 
    the terabytes of data that we host, the FBI determined that it was 
    more efficient (from their point of view) to remove all of our servers 
    and transport them to the FBI local laboratories for inspection," the 
    statement continued. "The FBI has assured us that as soon as the data 
    has been safely copied and inspected, the equipment will be promptly 
    returned. Unfortunately, the FBI has not been able to tell us when 
    they will be completed with their inspection."
    
    The seizure isn't standard procedure, and there's no way to know 
    exactly what prompted it. CIT's account suggests the FBI may have lost 
    patience with the process. The IRC-focused nature of CIT's business 
    may also have been a factor.
    
    But if you're a data center operator, you want to avoid any scenario 
    in which the FBI gets impatient and starts hauling away your servers. 
    Just one more item on the contingency planning checklist for the times 
    in which we live.
    
    
    
    *==============================================================*
    "Communications without intelligence is noise;  Intelligence
    without communications is irrelevant." Gen Alfred. M. Gray, USMC
    ----------------------------------------------------------------
    C4I.org - Computer Security, & Intelligence - http://www.c4i.org
    ================================================================
    Help C4I.org with a donation: http://www.c4i.org/contribute.html
    *==============================================================*
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomo@private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Mon Feb 23 2004 - 17:36:02 PST