Re: fact, fiction, nonetheless...

From: Joe Callis (callisat_private)
Date: Fri Aug 10 2001 - 11:20:16 PDT

  • Next message: Marlon Jabbur: "Re: greetingz"

    It must depend on the severity of the attack, etc. At a previous job, we
    had a system get broken into, while the fbi investigated, they didn't
    ask
    us to turn over the disks (they did ask for pertinant logs, home
    directories,
    files, etc.).
    
    Regardless, it probably can't hurt to have a cold backup that you
    can drop into place, in case it is confiscated, crashed, compromised...
    
    "W. Reilly Cooley, Esq." wrote:
    > 
    > Thus spake Don  Tansey:
    > > <snip>> So: if I had a logging server that centralized the logs, in the
    > > event of
    > > > intrusion, the authorities would just confiscate IT... right?</snip>
    > >
    > >
    > > While I have heard tales of confiscating the perpetrator's machines
    > > I have never heard of the _victims_ machines being lifted.
    > >
    > > Perhaps some of the "authorities" on the list would care to comment?
    > 
    > My friend had a machine that was broken into and used to attack some
    > .mil sites.  I believe he was in fact required to send the machine
    > (or at least the hard drive) to g-men.
    > 
    > Wil
    > --
    > W. Reilly Cooley                           wcooleyat_private
    > Naked Ape Consulting                        http://nakedape.cc
    > LNXS: Get 0.2.0-devel at http://sourceforge.net/projects/lnxs/
    > irc.openprojects.net                                     #lnxs
    > 
    > Mencken and Nathan's Sixteenth Law of The Average American:
    >         Milking a cow is an operation demanding a special talent that
    >         is possessed only by yokels, and no person born in a large city can
    >         never hope to acquire it.
    > 
    >   ------------------------------------------------------------------------
    >    Part 1.2Type: application/pgp-signature
    
    -- 
    Joe Callis
    Susquehanna International Group, LLP
    phone: 610-747-2534
    callisat_private
    
    
    IMPORTANT: The information contained in this email and/or its
    attachments is
    confidential. If you are not the intended recipient, please notify the
    sender immediately by reply and immediately delete this message and all
    its
    attachments.  Any review, use, reproduction, disclosure or dissemination
    of
    this message or any attachment by an unintended recipient is strictly
    prohibited.  Neither this message nor any attachment is intended as or
    should be construed as an offer, solicitation or recommendation to buy
    or
    sell any security or other financial instrument.  Neither the sender,
    his or
    her employer nor any of their respective affiliates makes any warranties
    as
    to the completeness or accuracy of any of the information contained
    herein
    or that this message or any of its attachments is free of viruses.
    
    ---------------------------------------------------------------------
    To unsubscribe, e-mail: loganalysis-unsubscribeat_private
    For additional commands, e-mail: loganalysis-helpat_private
    



    This archive was generated by hypermail 2b30 : Fri Aug 10 2001 - 11:43:37 PDT