Security Incidents mailing list archives

Re: Who's liable?


From: Alvin Oga <alvin.sec () Mail Linux-Consulting com>
Date: Sat, 13 Oct 2001 15:28:14 -0700 (PDT)


hi ya

interesting problem....

think that law enforcement folks wanna get the "right hacker/cracker"

if someone tries to put up roadblocks... then they might find themselves
becoming suspect ??
        - they just want the cooperation to get those responsible

most small biz cannot afford a "security expert" or security-anything
        - hackers know it.... so these small biz and users on dsl lines
        at home are prime candidates for staging machines to attack their
        target victims

not an easy solution/problem ... since now everybody has a pc on their
desk at home and work and around the world to do productive things or
equally mischievous things

-- don't worry about them .... "fix your own network" as best as you can
   given the time, budget, experience, knowledge one has...
        - security is kinda like backups... 
        you know you should get it done before something (disks) breaks

-- if you maintain networks for small biz.... securely log everything...

have fun
alvin
http://www.Linux-Sec.net

On Sat, 13 Oct 2001, Michael F. Bell wrote:

These are fictional scenarios that I am SURE that
other people would like to discuss.

Let's say you are a small realty agency, and you provide internet access
to your employees and one of your employees hacks into the Whitehouse
website from your internal network.  You do not have any logging going
on from your SOHO firewall and the FBI shows up at your door one day
with a warrant to search your computers for evidence of hacking into the
Whitehouse website.  The FBI searches all 10 computers in your network
and comes up without any hard evidence from these 10 machines linking
them to the hack into the Whitehouse website.  Your company is not
doing any firewall logging and you do not have any public servers that
could have been hacked so someone could have remotely launched the
attack?  All that the FBI has is your publicly NAT'ed firewall address.

Who is liable??  What can the FBI do at this point?

The above scenario is all fictional from my standpoint.  I could imagine
that this is someone's reality though...

Let's change the victim from a Government agency to a private one.  Let's
say that EBAY got hacked and they launched the same sort of
investigation with the same findings.  What can be done from a legal/financial
standpoint if an attack is detected from your company network
and there is no proof on exactly who did it?  Can the victims take legal
action against you, or is there some sort of protocol from a legal
standpoint that hinders this?  

Michael Bell
mike_b () rhinobyte com

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com


