Date:      Thu, 1 Jun 2000 15:56:31 -0400 
From:      Chad Day <cday@beachassociates.com>
To:        'David Johnson' <djohnson@acuson.com>
Cc:        "'freebsd-newbies@freebsd.org'" <freebsd-newbies@freebsd.org>
Subject:   RE: System intrusion
Message-ID:  <A8D9B16D2196D2118B6E00A0C9E307F423857B@beachpdc1.beachassociates.com>

Ok, well, either way, I want to get more detailed log info on this guy. I
need to get detailed ftp logging.  He keeps accessing the system on a daily
basis, so it will be easy for me to mount up evidence.

I installed wu-ftpd, backed up what has already been modified and moved it
elsewhere. I'm having problems turning logging on, though.

In my inetd.conf:

ftp     stream  tcp     nowait  root    /usr/local/libexec/ftpd ftpd -l -l

In my syslog.conf:

!ftpd
*.*                                             /var/log/ftplog
ftp.info                                        /var/log/ftplog

not logging though, even though I've kill -1'ed syslog and the inetd
processes.  Am I missing something?

Thanks,
Chad

-----Original Message-----
From: David Johnson [mailto:djohnson@acuson.com]
Sent: Thursday, June 01, 2000 3:45 PM
To: Chad Day
Cc: 'freebsd-newbies@freebsd.org'
Subject: Re: System intrusion


Chad Day wrote:

> My question is:  what can I do?  Should I contact the FBI?  (if so, if
> anyone knows how to go about this best who has had prior experience, I would
> appreciate information)  Contact AOL (which seems to be a waste of time)?

From what I understand, the FBI will confiscate the host machine as
evidence. Very stupid, sort of like evicting you from your home after a
break in. Your next best bet is to contact AOL and present them with
evidence that their user committed malfeasance.

If that doesn't work, then you have two options in my radical and
rebellious opinion. If AOL does nothing, then block all AOL from your
site, redirecting any requests to a page explaining why they're blocked
and who the SOB responsible is. The second option, considering that when
law enforcement breaks down, the law-abiding go vigilante, is to send a
better hacker after this guy. Or mail bomb him. Be creative. All sorts
of really sweet vengeance comes to mind that I dare not post in a public
forum... 

David

