hi ya out here ( san jose area ) ... the agencies out here are fairly lenient and good about investigating computer crimes... they ( fbi ) get involved when "it" becomes a felony across interstate lines or gov't property... ( think a felony is anything that was $10,000 or more in damages ... forgot .. "a small amount" think they did confiscate some smurf attacker's PCs.. ( can't get confirmation etc...since it was under investigation at the time - told um the sites that maintains potential smurf amplifiers sites etc - took a month or so of "watching the smurfing going on" ....but dont think the smurf'ers been back since have fun linuxing/securing.. alvin On Sat, 13 Oct 2001, Jay D. Dyson wrote: > -----BEGIN PGP SIGNED MESSAGE----- > > On Sat, 13 Oct 2001, Michael F. Bell wrote: > > > Lets say you are a small realty agency, and you provide internet access > > to your employees and one of your employees hacks into the Whitehouse > > website from your internal network. > <snip> > > Who is liable?? What can the FBI do at this point? > > No liability is identified at the time. But I guarantee you that > the FBI will confiscate all machines on site and send them off for > forensics evidence gathering. Don't bother objecting that it will cause > your business undue hardship. LEAs don't care. Period. ... > Depends on the damages. If they reach a certain amount, the FBI > will be called in and we're back to situation one as described in the > earlier part of my reply. If the damages are minimal and don't warrant > FBI involvement, then eBay will simply absorb the loss, (hopefully) make > appropriate updates to their security policies, practices and procedures, > and mush on. > > In the final analysis, any system that can't do even basic > auditing and accountability on their networks will -- at the very least -- > wind up on many an admin's firewall blacklist. I've been doing as much > with abuse-friendly networks since the '90s. At most, the FBI will be > called in and will (in the name of the law) rip that network's systems > down to the wires. > ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Sat Oct 13 2001 - 16:06:45 PDT