lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: purdy at tecman.com (Curt Purdy)
Subject: [inbox] Re: Reacting to a server compromise

HIPAA has made it a new world.  The attorneys are already salivating and
trying to dig up any potential "victims" they can find, look to Arizona as
an example.  Since this box was used to attacke doctor's records, there is a
good chance it's tracks will be found.  This guys got two options, either
don't touch the box, play dumb, and hope the cracker doesn't know how to
cover his tracks (unlikely), or dd the drive, take the box offline (in that
order in case it has a smart-bomb planted), and notify notify notify.

We are instituting IDS and logging systems for healthcare customers every
day and are finding attacks that they would not have even guessed at a year
ago.  By law they must keep their logs three years, plenty of time for even
scumbag lawyers to find it.  If you have done due diligence, you will be a
sitting duck.

Curt Purdy CISSP, GSEC, MCSE+I, CNE, CCDA
Information Security Engineer
DP Solutions
cpurdy@...ol.com
936.637.7977 ext. 121

----------------------------------------

If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- White House cybersecurity adviser Richard Clarke



-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com]On Behalf Of Aron
Nimzovitch
Sent: Sunday, August 03, 2003 12:28 PM
To: full-disclosure@...ts.netsys.com
Subject: [inbox] Re: [Full-Disclosure] Reacting to a server compromise




No good deed goes unpunished.

Been there, tried that, nearly got hit with a lawsuit (IMMEDIATE
threat from the suit involved).  If the suits running the place had
half a brain between them, your "info" would be unnecessary.

If you cannot prove 'beyond a reasonable doubt' that you did not
conduct the attacks yourself and then post this BS as a coverup, you
will be overrun, no matter how "white" you might be.  Better have deep
pockets to proceed, or get the noobs here telling you to "tell all" to
pony up to your defense fund.  Ask Randall Schwartz about it sometime.

Welcome to the real America!
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html



Powered by blists - more mailing lists