OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: [suse-security] legal possibilities of attack reaction
From: Michael Weiser (michaelweiser.saale-net.de)
Date: Tue Oct 17 2000 - 12:14:27 CDT

Hello,

I'm administering some Linux machines permanently connected to the
internet which I'm trying to protect reasonably. Therefore I disable
unneeded services, keep software up-to-date, run a packet filtering
firewall and use a intrusion detection and protection tool (snort).

But the number of ping-, version- and portscans increases every day,
which makes me want to react more actively. Of course it'd be stupid
to attack the attacker myself but I'd like to at least notify the
administrators of the malicious users/customers of what's going on so
that they (can) stop it.

No problem so far but unfortunately a lot of sysadmins don't seem to
feel responsible until someone sues them. Therefore I'd like to send
out a carefully researched mail filled with some paragraphs to make
'em think. But since I'm a complete idiot at legal issues I don't want
to do it myself and prefer some already better done work of someone
who knows what she is speaking about. :)

So my (frequently asked, I fear) question is: Can someone help me out
with such a text, some facts or a starting point for a search? I'd
especially be interested in German and American law since I and the
machines in question are situated in Germany and most attacks come
from American networks.

Thanks for your help and sorry if it's really an FAQ and already
answered elsewhere. 

-- 
bye, Michael
Elephants don't play chess!

---------------------------------------------------------------------
To unsubscribe, e-mail: suse-security-unsubscribesuse.com
For additional commands, e-mail: suse-security-helpsuse.com