Ok, I 'll buy that right now; we have a DDoS Attack on our core nameservers from 66.165.10.24. Where do we start, do I call the police in Bellingham or Washington State Police. We have blocked their ips but, we know they will come in another way.
the best thing is if you call the FBI, or NIPC. if you call your local FBI field office and say you're experiencing a cyberattack and could they give you the number for NIPC then it'll probably produce the results you want, even if NIPC has been renamed one or more times since i last talked to them, or if this old functionality within FBI is now handled by DHS, or both.
: the best thing is if you call the FBI, or NIPC. if you call your local FBI : field office and say you're experiencing a cyberattack and could they give : you the number for NIPC then it'll probably produce the results you want, : even if NIPC has been renamed one or more times since i last talked to them, : or if this old functionality within FBI is now handled by DHS, or both.
Call your local branch of the US Secret Service, if you're in the states, and ask for their electronic crimes division. If you're not in the states, contact your comprable local authority. They can work with you to coordinate with other jurisdictions, etc.
Wow, you guys have a lot of time on your hands! A DoS program was put on a PC where I do my day job and was put there by someone from the 81.x.x.x range. I have to get back to doing the netgeeking that I missed while troubleshooting the problem. How much more of my time do you think it'd take to convince international authorities that some kid who ran LC4 from Europe, got a password and put something from http://www.packetstormsecurity.org/DoS/index.html on one of the computers to attack his enemy of the day is worth their time and effort? Think globally. It ain't gonna happen... : > Ok, I 'll buy that right now; we have a DDoS Attack on our core nameservers : > from 66.165.10.24. Where do we start, do I call the police in Bellingham or : > Washington State Police. We have blocked their ips but, we know they will : > come in another way. You could always call someone here: http://www.whitehouse.gov/homeland/contactmap.html and we could bomb the crap outta them if they're not in the US... scott
On 21 May 2004 18:11 UTC Scott Weeks <surfer@mauigateway.com> wrote: | How much more of my time do you think it'd take to convince | international authorities that some kid who ran LC4 from Europe, | got a password and put something from | http://www.packetstormsecurity.org/DoS/index.html on one of the | computers to attack his enemy of the day is worth their time and | effort? Think globally. It ain't gonna happen... If you can get past "local" barriers, it very probably will happen. I'm in regular touch with the relevant authorities and I can tell you that the FBI is 100% targeted on getting results in exactly that area. While there are obvious difficulties with Russian (and neighbouring country) ISPs, for the rest of Europe any such misconduct gets fast action - as witness the speed with which Law Enforcement moved over the Sasser worm - the author of which is already in custody. If you are aware of any live case believed to be originating in Europe, I'm sure you can think of a suitable person with whom to get in touch! -- Richard Cox
On Fri, 21 May 2004 19:19:46 -0000, Richard Cox <richard@mandarin.com> said:
While there are obvious difficulties with Russian (and neighbouring country) ISPs, for the rest of Europe any such misconduct gets fast action - as witness the speed with which Law Enforcement moved over the Sasser worm - the author of which is already in custody.
*alledged* author. I mention this mostly because there's been at one case where they've arrested somebody for creating a minor tweaked variant, and gotten the press pointed at that rather than the fact that they never did (to my knowledge) find the guy who did the bulk of the work....
participants (4)
-
Paul Vixie -
Richard Cox -
Scott Weeks -
Valdis.Kletnieks@vt.edu