[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: More hacked servers?



--Thursday, November 27, 2003 12:56:18 -0500 Eric LeBlanc <inouk@igt.net>:
> A least, they can stay us informed about their actions... for example:
> 
> 21 sep: hacked, we moved all domain to blah, bluh, blih.
> 22 sep: investiguation started, by X, X.  We think it will take X
> hours/day/month/years
> 24 sep: We still investiguate, please be patient, we think we will
> terminate that in two hour/day/month/years.
> ...
> 
> and so on, it's not so hard, and it's take 2 minutes or less.

I'd definitely prefer to have "them" working on getting things
up and running again and do the forensics. They should waste a
minute too much on reports that might proove wrong finally anyway.
This would confuse everyone more than it would help.
And, honestly, doesn't your experience show that wild guesses
about how long complex things might take nearly alway provve
wrong?

Why would I want to know who's typing what right now? I'd be
interested in a all-in-one final report, that's for sure, but
I'll be happy with this. And in case any urgent security problem
pops up during investigation I'm pretty sure we'll be
informed right away. The secteam has done an amazing job in the
past and I trust them to continue as responsible as before.

Cheers, Marcel

Attachment: pgpagmjo8dO10.pgp
Description: PGP signature


Reply to: