OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: Cracked; rootkit - entrapment question?
From: Jon Lewis (jlewisLEWIS.ORG)
Date: Thu Mar 16 2000 - 23:32:13 CST

On Wed, 15 Mar 2000, CL: Nelson, Jeff wrote:

> associated with the loss. The last I heard from them on this (over 1 year
> ago) that amount was $25,000. Our loss, per the FBI, is tallied based upon
> time and materials used to stop the attack and to repair. I calculated our
> loss for the case we have pending to be less than $15,000. I am expecting
> the agents in charge of this case to tell me they will not be able to go
> further.
>
> And, <soapbox = 1> I have to say this really pisses me off. It cost us
> almost $7,000 in software licensing, multiple hours through the normal
> business day and over 30 hours straight for two of my staff. Yet, the
> 'person' that did this gets away with absolutely no consequence. So,

One way to solve this problem is, assuming your system was one of many
hacked, trace the hacker back through a couple of other systems, contact
their admins, and combine your damages into one massive "bill" for the
FBI/USAG. Then you _can_ show sufficient damage to continue the
investigation. Of course, when they catch up with him, they'll probably
find that he's still in highschool (if that old) and not touch him.

----------------------------------------------------------------------
 Jon Lewis *jlewislewis.org*| Spammers will be winnuked or
 System Administrator | nestea'd...whatever it takes
 Atlantic Net | to get the job done.
_________http://www.lewis.org/~jlewis/pgp for PGP public key__________