Security Incidents mailing list archives
Re: backdoor
From: "Christopher L Calvert" <ccalvert () us ibm com>
Date: Sun, 23 Jun 2002 20:35:26 -0600
S.O.P. (Standard Operating Procedures) describe that a compromised box should be considere lost and be installed from scratch.> If you want to play with in isolation to learn more about the culprit that
is your decision. However leaving a compromised system online makes you guilty of criminal neglect. (Aiding and embedding criminals and all that sort of thing.)
This is very commonly quoted to me as a justification for all kinds of security requirements. I have never found case law that supports this point of view; I am even still looking for the actual law or decision that makes this point. I could easily be wrong, and I do agree strongly with the premise but this advice if not legally substantiated is bad. Does anyone have concrete legal case law or decisions to support this point of view and have civil or criminal charges been filed and won on this point as it applies to compromised systems? Thanks... -- Chris
As there is never a good waranty on trying to clean a compromised box you should not attempt it. (After all the box would most likely not be compromised if you were on the front of things.) Hugo.
---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Re: backdoor, (continued)
- Re: backdoor Jonas M Luster (Jun 23)
- Re: backdoor Kyle R. Hofmann (Jun 24)
- Message not available
- Re: backdoor Jonas M Luster (Jun 24)
- Re: backdoor Hugo van der Kooij (Jun 26)
- Re: backdoor Greg A. Woods (Jun 26)
- Re: backdoor Jonas M Luster (Jun 23)
- Message not available
- Re: [incidents] Re: backdoor Jonas M Luster (Jun 25)
- RE: [incidents] Re: backdoor Don Weber (Jun 26)
- Re: backdoor Eric Rostetter (Jun 26)
- Re: backdoor Valdis . Kletnieks (Jun 26)