On Wed, 2009-06-03 at 02:04 -0500, John R. Dennison wrote: > On Wed, Jun 03, 2009 at 01:57:20AM -0400, JohnS wrote: > > > > Dollars to Donuts ehhh??? > > How many donuts you think it will take to pay for legal costs and clean > > up if there are customer data on the machine? I think right about now I > > 4 chocolate eclairs should cover it :) > > But seriously... > > > would: > > 1. Notify Risk Management and Your Compliancy Officer. > > 2. Take it off the network connections. > > 3. Do a live rsync and dd image + ram copy = running processes/hidden. > > 4. Same as 3. but with the machine off. > > 5. The company attorney needs to be notified. > > 6. By State and Federal Law in the US you have so many days to report > > incidents like this to users (customers) and law enforcement. > > While the specifics vary from company to company depending on > your corporate escalation procedures the above points are very > valid and would of course need to be properly followed as > required by your corporate entity. > > My comment regarding donuts was intended to be flippant and add > a light side to the conversation; I assumed from the start that > the original poster would follow his corporations established > policy on notification and escalation as required. --- I guess all we can do is hope. No offense taken here though. JohnStanley