AW: Hacked using vulnerable FTP daemon.

[vogt () hansenet com]

> ISPs will never forward you any personal info, except if 
> you're a government
> investigator. And if an investigator gets involved the damage 
> has to be
> substantial (millions).

some more details on this:

good ISPs will do as above, but some others actually *DO* give out personal
info of their customers.

depending on local legislation, the ISP may even be breaking the law if he
gives you any personal info without a court order. over here (germany) it
would be a violation of the data privacy law and carries a substantial fine
(50k DM, roughly $25,000 *per violation*). nevertheless, both private
persons and investigators without a court order constantly try.

in addition, many ISPs do not *HAVE* the data you would need. there's still
a lot of countries without caller-ID on the globe, or it can be turned off,
so you would have to involve the telecom companies as well. at which point
the costs of tracking down someone go well above anything justifiable unless
he's done some really major damage.





> Don't talk about evidence, and don't blow things out of 
> proportion, this is just a simple mischief, happens to everyone.

exactly. to the ISP of your attacker, this is no big deal. the company I
work for tries to be friendly towards the internet, so we sometimes send
letters of warnings (in a friendly tone) to some customers. that is about
the best you can expect, and I guess that most ISPs won't even bother with
that.



----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com