Security Basics mailing list archives

RE: Reporting malicious people?


From: "Brad Bemis" <brad.bemis () secureitexpert com>
Date: Fri, 5 Nov 2010 07:12:20 -0700

The answer to your question depends on a couple of factors.  

From the sound of things, you are trying to report a security incident that
happened just to you on a personal computer...  or am I misreading this and
you are talking about an attack that was conducted against a corporate asset
for which you are responsible?  

Which country and state/province are you in?  This will also influence who
you can report these types of events to.

Assuming that you are reporting as an individual - and that you are in the
US...  here is a link that will get you all the information you need for
reporting this to the proper authorities:

http://www.justice.gov/criminal/cybercrime/reporting.htm

If not, just repost with some answers to my questions and I can offer some
alternatives...
     
Brad Bemis, CISSP, CISA
Information Security Professional
SecureITExpert | Seattle WA
===========================
PGP KeyID: 0xC89B8AA1 (.asc)
http://www.secureitexpert.com      
http://twitter.com/SecureITExpert 
===========================
"Change is the Only Constant!"

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of ichib0d crane
Sent: Monday, November 01, 2010 6:16 AM
To: security-basics () securityfocus com
Subject: Reporting malicious people?

I was curious as to what would be the most effective way to report malicious
activity from remote attackers. Who I should contact and what not. I've
tried contacting the ISP of the originating IP but that seems to rarely
work, or even elicit a response most of the time.

Here's a kicker too, it's quite often that after investigating malicious
activity that I find a lot more personal details that skiddies and phishers
would prefer I didn't have. Who would I give this info to, and how to
contact them?

For example, I browsed my spam folder recently and found a simple Nigerian
scam. I pulled the simple 'hackers don't fall for this' ploy (and no, I
really don't care if the label applies or not, it's just useful if they think
so) and I have the guy immediately eating out of my hands, thinking I'm
ACTUALLY going to be a business partner. I lied my way out of handing out
contact info and instead elicited HIS contact information. I've got a
number, (possible) name, his home country, IP + ISP. If I scrounge up change
for a pay phone I can probably get even more concrete details. But I have no
clue what to actually DO with any of this information, and I'd rather NOT just
leave this guy alone on his merry scamming ways :)

Any advice would be appreciated!

Gage Bystrom

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate In this guide we
examine the importance of Apache-SSL and who needs an SSL certificate.  We
look at how SSL works, how it benefits your company and how your customers
can tell if a site is secure. You will find out how to test, purchase,
install and use a thawte Digital Certificate on your Apache web server.
Throughout, best practices for set-up are highlighted to help you ensure
efficient ongoing management of your encryption keys and digital
certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------


