[Dshield] Consensus Question
Johannes B. Ullrich
jullrich at sans.org
Wed Dec 3 14:49:58 GMT 2003
> What do you tell them when you return the box?
I am not sure if you have a legal liability, but at least I
would consider it professional to tell them about the extent
of the possible damage. Allow them to make up their mind
if it's 'worth the trouble'. But at least you will be able to
say "I told you so".
Couple things I would suggest:
- Do change all passwords on this system, and on other
systems on your network that use the same password.
- Change passwords you had stored on this system, or passwords
you used to log in to other systems while using the compromised
machines (to avoid keystroke grabbers).
- Get a credit report
- if you stored credit card numbers on this system, get new
I think this covers the "basics". Things get more interesting if
customer information was stored on the system. In this case, the
business may have an actual legal liability. Things get more
complex (and expensive) in this case.
If information like credit card numbers and social security numbers
were stored, the business should notify customers. It may even
be legally required to do so (e.g. CA).
CTO SANS Internet Storm Center http://isc.sans.org
phone: (617) 786 1563
fax: (617) 786 1550 jullrich at sans.org