JJ humbly i would like to interject that a consultant cannot replace someone on your own staff that knows something about security....
-pat On Wed, 24 Oct 2001, J wrote: > David: > > > Seriously, your best bet may be an independent consultant. This is for a > variety of reasons: > > --) Independent consultant is not aware of any internal company > politics, so that's not a factor should you end up prosecuting the > offender; > > --) Consultant may have expertise in this area that you don't (evidence > collection.) > > --) Once job is done, consultant is done; you don't need to hire them. > > > Lastly, breaching a computer system (in most cases) is a U.S. federal > offense. Your local law enforcement, or even the FBI have teams of > people dedicated to this problem. You may want to work with them in > developing a method to catch the perp. > > Just my thoughts, > > > JJ > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]] On Behalf Of David Ng > Sent: Tuesday, October 23, 2001 5:14 PM > To: [EMAIL PROTECTED] > Subject: Please assist, tracking or IDS options. > Importance: High > > Dear all, > We have a NT network that was hit the other day, in the sense that > it was remotely shutdown by an individual somehow. The person might have > the passwords and also sound technical expertise in remote utilities. Is > there a way for me to trace where the traffic was coming from that day > and what IP address? Also, is there a way to automatically capture the > screen if it was remotely controlled? > Please advise, thanks in advance. > > > Sincerely, > > > > David Ng > > _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls