nanog mailing list archives
Re: Advice requested
From: Sean Donelan <sean () donelan com>
Date: Tue, 29 May 2007 16:03:31 -0400 (EDT)
On Tue, 29 May 2007, Matthew Black wrote:
What would you do if a major US computer security firm attempted to hack your site's servers and networks? Would you tell the company or let their experts figure it out?
Contact your internal security and legal folks. Sometimes in large organizations, a group hires an external security firm to perform an audit (e.g. PCI, SAS70, etc.) without talking to the correct people elsewhere in their organization. "Security firms" should conduct due diligence of the information before using it, but sometimes they type the wrong numbers or addresses in their auditing tools. Your internal security and legal folks should send the appropriate cease and desist letter to the security firm. However, keep in mind... the following:
Since you didn't actually describe what you consider an attack; in many cases attacks aren't actually attacks but unusual, but "normal" network activity which some people aren't familiar with. Or there is always the possibility of spoofed packets and routing, especially of "brand name" firms, by third parties.
If you can actually prove malicious intent on the part of a brand-name company, your lawyers will probably be very happy to start tallying their legal fees. But accidents, stupidity and ignorance explain a lot of things.