Re: Pen Test mistake

From: Dave Powell (davep+@pitt.edu)
Date: Thu Aug 21 2003 - 18:18:55 EDT


Hi all! Longtime lurker, first-time poster here...

Just a quick question - was the IP address you were given incorrect, or did you do a typo when entering it into the software?
Also, how badly did your "friend" own the boxes... was it really obvious?

Anyway,
<my $.02>
Talk to a lawyer.

Personally, I would be inclined to clean up the mess and try to pretend it didn't happen, because depending on who you actually did hit (do you know?) they may not even know (given the poor state of security of many networks), or be able to *prove* it was you. Hopefully, their IDS and logging systems are as good as their patching routine, i.e., not very :)

If you tell them, you will be 1) embarrassing the execs and 2) giving them a target to vent this anger upon; they will then blame your "friend" for *anything* they can (whether or not it is actually related), and go straight for your "friend's" $$$ to compensate.

In other words, What They Don't Know Can't Hurt You. :)

In the meantime you may want to take your "friend's" $$$ out of the bank and bury it in a deep hole in a secret location (maybe give it to Dick Cheney?).
And start lifting weights.
</my $.02>

DaveP
HSLS Systems
