I definately agree... I had a redhat 6.1 box hacked from a machine in
Brazil.  Turns out the machine in Brazil was a shell account.  I asked them
to search the logs for the originating IP and it was spoofed.  No surprise
there.  So I setup a honeypot and had an amazing amount of port scans and
all other sorts of unwelcome probes.  But I'm afraid there is just no way to
track someone down these days.  And even if there were, what would we do
about it?

I know legal action is The American Way[tm], but it seems pretty hopeless to
sue some punk for hacking a system.  Your only hope is to know exactly what
they are capable of and beat them at their own game.

* Blake


----- Original Message -----
From: "Don Harrop" <don@nis4u.com>
To: <plug-discuss@lists.PLUG.phoenix.az.us>
Sent: Monday, September 25, 2000 2:38 PM
Subject: Re: user tracking


> \_ Thanks for the responses.  I never know about the command "last".  Very
> \_ cool.  I've already found out most of what I needed.  It was some guy
over
> \_ in Russia.  Those punks!  :-)
>
> I'd guess that the box in Russia was merely a springboard not the
> source.
>
> David
>
> ________________________________________________
>
> Thats true, but I couldn't trace it back any further than that.
>
> Don
>
> ________________________________________________
> See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't
post to the list quickly and you use Netscape to write mail.
>
> Plug-discuss mailing list  -  Plug-discuss@lists.PLUG.phoenix.az.us
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss