Security Basics mailing list archives
RE: Re[2]: Distressing, possibly life threatening emails from fre e accou nts (yahoo, hotmail
From: "Robinson, Sonja" <SRobinson () HIPUSA com>
Date: Mon, 2 Jun 2003 09:44:22 -0400
The sender did not indicate that this was spam or otherwise innocous e-mail, chain mail, etc. The sender indicated "possible life threatening" which is extermely serious. I realise that you can't always trace someone but most of the time you can and most users are not savy enough to go through a number of chain proxies, etc. Not that its impossible, it is unlikely inmost cases. But first steps should be as indicated and if you can't traceback then atleast you can bring what you have to LEO. Most Local PD's don't have the expertise or people to perform trace and if you can do most of it then it is helpful for them - it cuts down on time. In additon, 99% of e-mails can't be traced because the user never saved the headers for LE. If headers are not saved then you have no hope. I also have a number of contacts for local pd's and I can get the victim in touch with those who can help. Part of my job is digital forensics and investigations. I would rather have a report now and potentially be able to help now then to have a physical crime scene later if the person was assualted or worse. I suggest that it is better to try to trace then to do nothing at all. If it sufficient for someone to write that they are receiving possibly life thrreatening e-mail then it is our duty to try to help them with advice that will help fund the culprit and hopefully protect thembby advising LEO. Sonja Robinson, CISA Network Security Analyst HIP Health Plans Office: 212-806-4125 Pager: 8884238615 [snip] You see, if the "terrorist" is smart enough, there is no way to detect his identity. If the attacker will use a chain of proxies and will combine the letter via Telnet-session, even the log-files of mail server will not help you in any way. -- Best regards, Street mailto:streetseeker () mail ru ********************************************************************** This message is a PRIVILEGED AND CONFIDENTIAL communication, and is intended only for the individual(s) named herein or others specifically authorized to receive the communication. If you are not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the sender of the error immediately, do not read or use the communication in any manner, destroy all copies, and delete it from your system if the communication was sent via email. ********************************************************************** --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- RE: Re[2]: Distressing, possibly life threatening emails from fre e accou nts (yahoo, hotmail Robinson, Sonja (Jun 02)