| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20030802072748.GA27722@trusteddebian.org> From: peter at trusteddebian.org (Peter Busser) Subject: Reacting to a server compromise Hi! > My question is: Do I report this, and run the risk of the Feds charging > me because these attacks originated from my subnet? Do I inform the > owners of the machines that were hacked that their systems have been > compromised? Judging from the usernames, some of these machines belonged > to doctors offices, and may contain sensitive information. Or should I > just have a nice cup of STFU, and pretend nothing happened? I can understand that you want to try to stay out of trouble. But I think the ``right thing'' to do is of course to contact the other people as soon as possible. It makes sense too if you want to stay out of trouble. Because you clearly show that you care about what happened and want to limit the damage done to others. Keeping quiet is what an attacker would do. So you would act like an attacker, which makes it only harder to stay out of trouble if a few of those hacked machine owners find out your machine was the cause of the problem. Groetjes, Peter Busser -- The Adamantix Project Taking trustworthy software out of the labs, and into the real world http://www.adamantix.org/
Powered by blists - more mailing lists