Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

FBI Shutters Web Host

From: InfoSec News <isn () c4i org>
Date: Mon, 23 Feb 2004 11:15:38 -0600 (CST)
Forwarded from: William Knowles <wk () c4i org>

http://www.carrierhotels.com/news/2004/Feb/19/fbi_shutters_web_host.shtml

By Rich Miller
Carrier Hotels Editor
Posted Feb 19, 2004

If FBI agents showed up at your data center bearing a warrant, would 
you be able to provide them prompt access to customer data? How long 
would it take? 

That's an important question in the wake of an FBI raid of Columbus, 
Ohio hosting company CIT Hosting last Saturday. Federal agents wound 
up shutting down the entire operation, seizing all the company's web 
servers and all customer data as part of its investigation of a 
hacking incident. 

CIT Hosting, also known as FooNet, markets itself as "the leader in 
the IRC and DDoS protection business for the last 5 years." The 
company posted a web page informing customers that its data center was 
shut down, and instructing customers to contact the FBI if they needed 
access to their files.

"The FBI executed a search warrant issued by the United States 
District Court for the Southern District of Ohio regarding the IRC 
network that we host," the company said in its statement.

IRC (Internet Relay Chat) is a live chat system that allows users to 
create private discussion rooms. While IRC has a lengthy history of 
legitimate use, it is also a medium for discreet communication between 
hackers. CIT said the FBI was "investigating whether someone hosted on 
our network hacked and attacked someone else."

"After several hours of attempting to track down, inspect and audit 
the terabytes of data that we host, the FBI determined that it was 
more efficient (from their point of view) to remove all of our servers 
and transport them to the FBI local laboratories for inspection," the 
statement continued. "The FBI has assured us that as soon as the data 
has been safely copied and inspected, the equipment will be promptly 
returned. Unfortunately, the FBI has not been able to tell us when 
they will be completed with their inspection."

The seizure isn't standard procedure, and there's no way to know 
exactly what prompted it. CIT's account suggests the FBI may have lost 
patience with the process. The IRC-focused nature of CIT's business 
may also have been a factor.

But if you're a data center operator, you want to avoid any scenario 
in which the FBI gets impatient and starts hauling away your servers. 
Just one more item on the contingency planning checklist for the times 
in which we live.



*==============================================================*
"Communications without intelligence is noise;  Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
----------------------------------------------------------------
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
================================================================
Help C4I.org with a donation: http://www.c4i.org/contribute.html
*==============================================================*



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.
Previous By Date Next
Previous By Thread Next

Current thread: