What you should do depends on either your company policy / practice or your own personal preferences. The place to go (should you decide to so) is the FBI. Although, I suspect you may find this a mildly traumatic experience. -----Original Message----- From: James Hepworth [mailto:jhepworthat_private] Sent: Friday, January 21, 2000 10:31 PM To: 'firewall-wizardsat_private' Subject: Hackers left open door to my server.. Someone tried to get into one of our boxes here and left a door (rcp) to one of their hacked servers. They also left quite a few files on the server, large list of servers, IP addresses, usernames and root passwords + their toolbox of toy scripts. Our system did not let them delete these files, but they thought they had. I also have the console log with them chatting to each other & the commands they issued. Is there any one place to report this type of violation or should I just clam up and clean up the box? The connection (rcp) is still up (not for long I suspect tho), I would like to catch these buggers..... Thanks JAMES Tired of bad Internet search results? Try http://www.muckymuck.com Cut Through the Muck!
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:59:07 PDT