>
> Just to side-track this thread a little - I just received a call from
> someone in California, who said that one of our local dialup Internet
> customers was hacking his system! We determined who the customer was, but
> the problem is, what should our next step be? There are no local laws
> regarding hacking. Simply disabling the dialup account might open ourselves
> up to a lawsuit from the customer, particularly as we are the only providers
> of Internet service on the island (Grenada, West Indies).
>
> Any lawyers on the list?
>
IANAL, and do not play one on the net. However, sound practice would
call for you to have an Acceptable Use Policy that defines what's not
acceptable in this area, and what happens when the AUP is violated.
Otherwise you're almost bound to get sued if you do _anything_ in
terms of sanctions.
As a practical matter, I'd suggest warning the customer of the
complaint, informing him/her that he/she is responsible for use
of the dial-up account, and noting that a pattern of such behavior
will cause termination of the service contract. What you do
when the person's brother-in-law acts as surrogate to get the
perpetrator another account is a different matter....
--
W.C. Epperson "I have great faith in fools.
Chief of Systems Engineering Self-confidence, my friends call it."
Security Officer Emeritus --Edgar Allen Poe--
Curmudgeon-for-Life
Virginia Dept. of Education
[EMAIL PROTECTED]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
