[CentOS] Centos 5.3 -> Apache - Under Attack ? Oh hell....
jses27 at gmail.com
Wed Jun 3 07:11:08 UTC 2009
On Wed, 2009-06-03 at 02:04 -0500, John R. Dennison wrote:
> On Wed, Jun 03, 2009 at 01:57:20AM -0400, JohnS wrote:
> > Dollars to Donuts ehhh???
> > How many donuts you think it will take to pay for legal costs and clean
> > up if there are customer data on the machine? I think right about now I
> 4 chocolate eclairs should cover it :)
> But seriously...
> > would:
> > 1. Notify Risk Management and Your Compliancy Officer.
> > 2. Take it off the network connections.
> > 3. Do a live rsync and dd image + ram copy = running processes/hidden.
> > 4. Same as 3. but with the machine off.
> > 5. The company attorney needs to be notified.
> > 6. By State and Federal Law in the US you have so many days to report
> > incidents like this to users (customers) and law enforcement.
> While the specifics vary from company to company depending on
> your corporate escalation procedures the above points are very
> valid and would of course need to be properly followed as
> required by your corporate entity.
> My comment regarding donuts was intended to be flippant and add
> a light side to the conversation; I assumed from the start that
> the original poster would follow his corporations established
> policy on notification and escalation as required.
I guess all we can do is hope. No offense taken here though.
More information about the CentOS