HIPAA has made it a new world. The attorneys are already salivating and trying to dig up any potential "victims" they can find, look to Arizona as an example. Since this box was used to attacke doctor's records, there is a good chance it's tracks will be found. This guys got two options, either don't touch the box, play dumb, and hope the cracker doesn't know how to cover his tracks (unlikely), or dd the drive, take the box offline (in that order in case it has a smart-bomb planted), and notify notify notify.
We are instituting IDS and logging systems for healthcare customers every day and are finding attacks that they would not have even guessed at a year ago. By law they must keep their logs three years, plenty of time for even scumbag lawyers to find it. If you have done due diligence, you will be a sitting duck. Curt Purdy CISSP, GSEC, MCSE+I, CNE, CCDA Information Security Engineer DP Solutions [EMAIL PROTECTED] 936.637.7977 ext. 121 ---------------------------------------- If you spend more on coffee than on IT security, you will be hacked. What's more, you deserve to be hacked. -- White House cybersecurity adviser Richard Clarke -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Aron Nimzovitch Sent: Sunday, August 03, 2003 12:28 PM To: [EMAIL PROTECTED] Subject: [inbox] Re: [Full-Disclosure] Reacting to a server compromise No good deed goes unpunished. Been there, tried that, nearly got hit with a lawsuit (IMMEDIATE threat from the suit involved). If the suits running the place had half a brain between them, your "info" would be unnecessary. If you cannot prove 'beyond a reasonable doubt' that you did not conduct the attacks yourself and then post this BS as a coverup, you will be overrun, no matter how "white" you might be. Better have deep pockets to proceed, or get the noobs here telling you to "tell all" to pony up to your defense fund. Ask Randall Schwartz about it sometime. Welcome to the real America! _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
