[lug] SUM: Reporting an Intrusion
bthoen at gisnet.com
Tue Sep 13 12:50:48 MDT 2005
Thanks for the advice, everyone, but it looks like you're right. A hack on
my little machine is not a big deal in terms of national security, but
here's what the FBI said.
First, the difficulties are that the originating IP appears to be outside
the United States, and also that the limit of actual damages in this case
(time spent in repairing the system) was probably not more than $100.
Though the FBI agent didn't say so, the message was clearly "don't hold
Here's a little sample from the logs if anyone's curious about where this
event came from:
18.104.22.168 - - [12/Sep/2005:10:42:31 -0600] "POST
HTTP/1.1" 200 9461
"Mozilla/4.0 (compatible; MSIE 5.5; Windows 98; Win 9x 4.90)"
Anyway, they took down my information and told me to preserve the log
information that shows evidence of the intrusion in case anyone wants to
see it later, and also to report it on the www.ic3.gov (Internet Crime
Complaint Center) website. Apparently that's one place where hacking
information does get centralized, and maybe they'll see a wider pattern
one day and send a double-O agent to Jakarta to liquidate someone...
So I guess just like trying to fight spam by reporting it, reporting
hacker activity is just about as satisfying. I have a feeling that my
report is going to be filed in that govt. warehouse where they stuffed the
ark in the Indiana Jones movie.
- Bill Thoen
More information about the LUG