Johannes Ullrich said: > O >> It's another mIRC based DDoS trojan that scans for NT-Password and IIS >> unicode exploits. >> So the next questions is... How do we go about apprehending the >> culprits? Can we somehow get wxmail.net revoked? > > IRC bots are a common plague. We do play 'whack the bot' once in a while > if we find out about it. So far, I have yet to see a case successfully > prosecuted. If you can find a case where the bot and the victim are in the same state you could try contacting your state police for assistance. The majority of state police agencies have Computer Crime Units/Task Forces, who would most likley be interested in these cases. Even if the bot and victim aren't in the same state you might want to contact them anyway, because it doesn't hurt to ask. As fas prosecution, Pennsylvania recently enacted new computer crime laws and one specifically addresses DOS attacks. Here are the laws: http://www.legis.state.pa.us/2001_0/sb1402p2429.htm Jon -- Trooper Jon S. Nelson, Linux Certified Admin. Pa. State Police, Bureau of Criminal Investigation Computer Crimes Unit Work: 610.344.4471 Page: 866.284.1603 jonelsonat_private ---------------------------------------------------------------------------- <Pre>Lose another weekend managing your IDS? Take back your personal time. 15-day free trial of StillSecure Border Guard.</Pre> <A href="http://www.securityfocus.com/stillsecure"> http://www.securityfocus.com/stillsecure </A>
This archive was generated by hypermail 2b30 : Mon Mar 17 2003 - 09:59:35 PST