Re: Abuse Complaint/Postmaster issue

[Aaron Silver <asilver () epoch net>]

First of all I have to apologize to the community here.. that email was accidentally sent to Security Focus instead of 
our internal Security Group mailing address.

To answer the question (since I did after all start it. :-) ) With the privacy restrictions that are currently in place 
we are limited in the information we can provide to the person who reported the incident. Usually this consists of the 
fact that we've investigated the complaint, taken some actions, and if appropriate that we now feel the situation has 
been dealt with and is considered closed. If someone wishes to persue this matter further I place them in contact with 
our Legal department so they can determine the best way to satisfy any legal requirements for obtaining more 
information.

I agree that the customer should be prepared to document and provide as much information as possible in the event legal 
action does take place.

Aaron Silver
Epoch Security Engineering


jamie rishaw wrote:

> This is all too common of a mistake that companies make.
>
> "Oh, someone hacked the machine of one of our customers.. they reinstalled
> the OS"..
>
> Well, perhaps, but the issue of the abuse/attack/compromise still lies,
> and, at least in my eyes, the customer is responsible for providing some
> basic forensic data upstream in case the victim wishes to pursue legal
> action.
>
> I'd be interested to hear companies' policies on this sort of issue, and
> how they deal with it ..  (Not Epoch's, obviously).
>
> jamie



----------------------------------------------------------------------------


This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see:

http://aris.securityfocus.com