Security Incidents mailing list archives

Re: backdoor


From: "Christopher L Calvert" <ccalvert () us ibm com>
Date: Sun, 23 Jun 2002 20:35:26 -0600


S.O.P. (Standard Operating Procedures) describe that a compromised box
should be considered lost and be installed from scratch.

If you want to play with it in isolation to learn more about the culprit
that is your decision.

However leaving a compromised system online makes you guilty of criminal
neglect. (Aiding and embedding criminals and all that sort of thing.)

This is very commonly quoted to me as a justification for all kinds of
security requirements. I have never found case law that supports this
point of view; I am even still looking for the actual law or decision
that makes this point. I could easily be wrong, and I do agree strongly
with the premise but this advice if not legally substantiated is bad.
Does anyone have concrete legal case law or decisions to support this
point of view and have civil or criminal charges been filed and won on
this point as it applies to compromised systems? Thanks...

-- Chris


As there is never a good warranty on trying to clean a compromised box you
should not attempt it. (After all the box would most likely not be
compromised if you were on the front of things.)

Hugo.





----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

