From owner-freebsd-hackers  Tue Jun 25 14:58:55 1996
Return-Path: owner-hackers
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id OAA26742
          for hackers-outgoing; Tue, 25 Jun 1996 14:58:55 -0700 (PDT)
Received: from mercury.gaianet.net (root@mercury.gaianet.net [206.171.98.26])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id OAA26732
          for <hackers@FreeBSD.ORG>; Tue, 25 Jun 1996 14:58:48 -0700 (PDT)
Received: (from vince@localhost) by mercury.gaianet.net (8.7.5/8.6.12) id OAA28219; Tue, 25 Jun 1996 14:58:15 -0700 (PDT)
Date: Tue, 25 Jun 1996 14:58:15 -0700 (PDT)
From: -Vince- <vince@mercury.gaianet.net>
To: Tony Kimball <alk@Think.COM>
cc: jbhunt@mercury.gaianet.net, Chad Shackley <chad@mercury.gaianet.net>,
        hackers@FreeBSD.ORG
Subject: Re: I need help on this one - please help me track this guy down!
In-Reply-To: <199606252116.QAA20467@compound.Think.COM>
Message-ID: <Pine.BSF.3.91.960625145719.25073M-100000@mercury.gaianet.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-hackers@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

On Tue, 25 Jun 1996, Tony Kimball wrote:

> I suggest inducing the user to repeat her exploit.  Take the system
> down.  Wipe the user's directory.  Bring it up, with a motd reporting
> a disk crash, and partial restoration.  Log everything the user does.

	Well, he can always use another account to log back in..

> Or, you might just *ask*.  Most folks who hack a random ISP system do
> it for fun, and love to brag about it.

	Yeah, but some will never tell you how it's done...

Vince