Security Incidents mailing list archives

Re: hacked server, DDoS bin installed

From: Andrew Sledge <asledge () gpc edu>
Date: Wed, 07 Dec 2005 10:35:16 -0500

Typically, you should contact your local FBI office - they can be foundin the white pages. Take the machine offline and do nothing with it.If you tamper with it, the forensics results may be skewed and anydefense lawyer will use that fact to their advantage. Also make sureyou document EVERYTHING you have done since encountering the exploit.


naptime () gmail com wrote:

a customers server got hacked.. binary in tact, seems like they were DDoSing.. strings brings up the irc server, 
channel name, key.. where is the fbi address where i can send this information to?

thanks


-Sledge

Current thread:

hacked server, DDoS bin installed naptime (Dec 07)
- Re: hacked server, DDoS bin installed Val Kaelin (Dec 07)
- Re: hacked server, DDoS bin installed Andrew Sledge (Dec 07)
- RE: hacked server, DDoS bin installed J B (Dec 07)
- Re: hacked server, DDoS bin installed Jay D. Dyson (Dec 07)
  - Re: hacked server, DDoS bin installed Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (Dec 08)
  - Re: hacked server, DDoS bin installed RonaldJW (Dec 08)
  - Re: hacked server, DDoS bin installed Paul Robertson (Dec 12)
- RE: hacked server, DDoS bin installed richardcg (Dec 08)
- Re: hacked server, DDoS bin installed -- To put it another way... Ron (Dec 08)
  - RE: hacked server, DDoS bin installed -- To put it another way... richardcg (Dec 12)
  - Re: hacked server, DDoS bin installed -- To put it another way... Thorsten Holz (Dec 12)
  - Re: hacked server, DDoS bin installed -- To put it another way... Rembrandt (Dec 12)

(Thread continues...)