Compromised boxes

[Sean Donelan <sean () donelan com>]

On Wed, 09 February 2000, lucifer () lightbearer com wrote:
> (BTW, the box in question was taken off-net, and is currently being given
> the scorched-earth treatment; the person in question will be undergoing
> education in security principles from a veteran operator, and realizes
> that the compromise was made possible by their own negligence... now.)

Of course those are their boxes to do what they want with.

But if anyone does have a compromised box involved in the current round
of DDOS, please don't "scorch" it.  Assuming you don't mind losing your
equipment for a while, give your local FBI office a call and ask if they
want to look at it.  They'll tell you whether to leave it running, shut it
down gracefully, or just yank the power cord.

Hopefully the FBI will work and play well with others, and not do annoying
things like seize equipment.  They've said they wanted to create a
"partnership" with the community before, but maybe this time they mean it.