[ale] security process question

Dow Hurst dhurst at kennesaw.edu
Wed Sep 25 18:10:32 EDT 2002 

Doug is completely correct.  The GBI or your local police office might 
give you the time of day.  Cobb County has a very high profile Internet 
Crime police division.  If you are private business and small, then you 
are out of luck.  This probably works in your favor since the FBI will 
normally confiscate the computers involved in the crime for forensic 
work.  You might or might not ever get the box back.  There is too much 
crime for them to support you.  You might contact Bob Toxen for ongoing 
patch support since security work is all he does.  I think from my 
experience with being hacked that prevention is the only method 
available to small businesses or projects.  Only really large 
organizations have the resources to lose hardware to an investigation, 
pump money into legal processes, and support with resources the long 
term process of actually getting someone found and convicted of an 
Internet based crime.  This situation is a good lesson in our 
vulnerability to this type crime, as there really isn't any support 
system for us, unless we pay for it from a consulting service.  The 
local police are not trained for this.  The FBI and GBI are not 
interested in us because we are too small.  If FBI and GBI were 
interested, most likely you would lose the equipment for months or 
years.  There just really isn't a good path for small business to try to 
convict the perpetrator.  Maybe a community of "Net based merc's" will 
come about to solve these problems.
Dow



Doug McNash wrote:

> Check out http://www.cert.org/ to report the incident but you will see 
> they already know about it.
>
> http://www.cert.org/advisories/CA-2002-27.html
>
> At an Atlanta Unix User Group meeting featuring an FBI agent, the 
> agent explained that federal law enforcement will not show any 
> interest until the loss value is greater than $X, where $X is 
> something in the range or >$100,000 or the number of people affected 
> is Y, where Y is > 5,000.
>
> --
> Doug McNash
> dmcnash at smyrnacable.net
>
> ---
> This message has been sent through the ALE general discussion list.
> See http://www.ale.org/mailing-lists.shtml for more info. Problems 
> should be sent to listmaster at ale dot org.
>
>

-- 
__________________________________________________________
Dow Hurst                  Office: 770-499-3428
Systems Support Specialist    Fax: 770-423-6744
1000 Chastain Rd., Bldg. 12
Chemistry Department SC428  Email:dhurst at kennesaw.edu
Kennesaw State University         Dow.Hurst at mindspring.com
Kennesaw, GA 30144
*********************************
*Computational Chemistry is fun!*
*********************************



---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.

More information about the Ale mailing list