Re: Possible comprommission, what to do ?

[Erwan David <erwan@rail.eu.org>]

On Thu, Nov 13, 2014 at 03:45:06PM CET, Carl Fink <carl@finknetwork.com> said:
> Confirm that your caller was really from the police. In English we refer to
> a crime called "spearphishing", which involves basically tricking people
> into giving away important information, often by impersonating the police.
> Here in the United States, spearphishers sometimes claim to be the FBI.

I am in France, the woman claimed to be from "Gendarmerie des
transports aériens" (air transport police) because the pirate would
have operated from servers of an airline. I did not give any
information, and succeeded in making her give me the IP of the server,
and my contact address at the company to which I rent the server. This
company policy is to give name only with a "commission rogatoire" (a
judge order), and I trust them on that point.

I was very careful not to give any login name (even less passwords),
but she did not even hint at asking them, so the phone call might have
been legit.

However the pirate might have tried and not accessed (the site from
which he could have gathered information about me did not contain any
shared login nor password)

chkrootkit shows nothing...