[96963] in North American Network Operators' Group
RE: Advice requested
daemon@ATHENA.MIT.EDU (michael.dillon@bt.com)
Tue May 29 19:38:38 2007
Date: Tue, 29 May 2007 22:29:30 +0100
In-Reply-To: <b89003940705290914w60dabd1enaceac37d467aaefe@mail.gmail.com>
From: <michael.dillon@bt.com>
To: <nanog@nanog.org>
Errors-To: owner-nanog@merit.edu
> 1) Locate baseball bat
> On a more serious note, I'd contact them and ask for them to stop.
> Barring that call a lawyer and have a fancy letter sent to=20
> someone's boss.
Seems pointless really. If you detect someone hacking your servers and
your company does not have a network security department where you can
report these things, then dust off your resume and look for a new job.
Basically, one of two things is happening. Either someone is breaking
the law, or someone has been hired by senior management to test your
abilities. If the former, then tell your security people and let them
figure out whether to get the lawyers involved. If the latter, then tell
your security people and get some brownie points for a) noticing, b)
acting promptly, and c) notifying the proper people to deal with
security threats to your business.
--Michael Dillon
=20
