Re: Tracking cracker, help?

[Andrew Smith <awsmith () rip ops neosoft com>]

> What's a better way to ask for, and obtain log information in a timely
> fashion?  Wait 6 months for a court trial, when everyone has purged their
> logs?
>
> Clues would be appreciated.
>
> -- 
> Dave Rand
> dlr () bungi com
> http://www.bungi.com
 
Official fax to the company on letterhead with a Cc list that includes
law enforcement, phone calls, asking if you may have the person that you
are speaking with on the phone for their name and position to include
in your reports, etc, etc, etc.

This sort of thing is frankly a severe pain, and many ISP's are tired
of people crying wolf (a fairly common thing is for people who think
that they are security experts to demand instant trackdowns of the
person who just did an expn command to their sendmail server, etc).

What you have to do is clearly and quickly get the point across that
you are not clueless, and that the person doing legwork for you isn't
wasting their time. Different methods work for different people (or
their managers ... usually a last resort though). At the worst, you
can only document lack of response.

---------------------------------------------------------------------------
Andrew W. Smith ** awsmith () neosoft com ** Network Engineer ** 1-888-NEOSOFT
       ** "Opportunities multiply as they are seized" - Sun Tzu **
            ** http://www.neosoft.com/neosoft/staff/andrew ** 
---------------------------------------------------------------------------