|
i don't beleive anyone accepts "criminal" reporting via email. this is for serious problems and would take time. when the coordinated attack against Yahoo & others major web sites, the FBI was quickly contacted and involved. They have teams to work on this, along with other groups, white-hat hackers (the good guys). The program within the FBI is called the National Infrastructure Protection Center http://www.fbi.gov/contact/fo/norfolk/nipc.htm The Norfolk center seems to be headquarters, but there are many field offices around the country. They do work with private industry, but as you may guess, it would have to be "serious". I do know they are looking into "coordinated" attacks on US corporations. There is some good info on their site. I have never been involved in a report, so cannot say "how serious" it needs to be. I know they are not into script-kiddie attacks, except on US Gov sites. jim ----- Original Message ----- From: <rob@dekko.com> To: <midrange-l@midrange.com> Sent: Tuesday, August 28, 2001 9:24 AM Subject: Re: Reporting hacking > > I checked out > http://www.fbi.gov/ > But they currently do not accept email, nor do they have an online method > of reporting a problem. I guess I have so much other stuff to do that > reporting every probe would be a hassle. > > Rob Berendt > > ================== > A smart person learns from their mistakes, > but a wise person learns from OTHER peoples mistakes. > > > > "Jim Franz" > <franz400@triad.rr. To: <midrange-l@midrange.com> > com> cc: > Sent by: Subject: Re: Reporting hacking > midrange-l-admin@mi > drange.com > > > 08/27/2001 07:27 PM > Please respond to > midrange-l > > > > > > > > Is there a channel to report hacking? > > > if it is a random attack, block the ip address at the router or firewall, > and step up monitoring. > Watch your other network devices, router, firewall, NT's etc. > They may be your weakest link (say it ain't so!) then it may be easy to > plant > a sniffer on an NT and wait for your 400 traffic to float by. > If you are being persistently targeted by the same address, contact the > FBI. > I think they are interested in certain foreign groups. > FBI is in most phone books. > jim franz > > > > My boss is enamored with Op's Nav performance monitoring. He happened to > > notice that the FTP jobs on our web server 400 were eating up some CPU > > percentage. Not much, but some. We were getting ready to do a ftp site > > but not prime time yet. We fired up our Pentasafe reports and determined > > that a certain IP address was trying to probe us for ftp. Pentasafe was > > slamming the door on them. We decided to try to access that ip address > > from one of our browsers and got a Romanian pharmaceutical company. > > (Although I am not too good on my Cyrillic alphabet). > > > > Since our ftp is not prime time yet, we changed our firewall to block all > > external ftp for now. Basically as a defense in depth, and to take a > load > > off of the 400. We thought about just blocking this IP address: > > 212.93.151.182 > > > > Rob Berendt > > > > ================== > > A smart person learns from their mistakes, > > but a wise person learns from OTHER peoples mistakes. > > > > _______________________________________________ > > This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing > list > > To post a message email: MIDRANGE-L@midrange.com > > To subscribe, unsubscribe, or change list options, > > visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l > > or email: MIDRANGE-L-request@midrange.com > > > > _______________________________________________ > This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list > To post a message email: MIDRANGE-L@midrange.com > To subscribe, unsubscribe, or change list options, > visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l > or email: MIDRANGE-L-request@midrange.com > > > > > > _______________________________________________ > This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list > To post a message email: MIDRANGE-L@midrange.com > To subscribe, unsubscribe, or change list options, > visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l > or email: MIDRANGE-L-request@midrange.com >
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.