[unisog] Successful prosecution of system breakers
Peter Van Epp
vanepp at sfu.ca
Sun Jun 9 16:51:29 GMT 2002
> On Fri, Jun 07, 2002 at 08:25:54AM -0400, Stan Horwitz wrote:
> > I doubt that many
> > universities have the staff and resources to do any kind of forensics on
> > hacked systems.
> We did. For our own particular reasons, we wanted to press charges
> against a particular individual.
> IT IS A LOT OF WORK AND IS VERY TIME CONSUMING!!!!!
> Simply looking at a net trace, and saying "Its obvious" doesn't
> work in court.
> Pete Hickey | | VEIWIT
> Communication Services | Pete at mudhead.uottawa.CA | Makers of transparent
> University of Ottawa | | mirrors for
> Ottawa,Ont. Canada K1N 6N5| (613) 562-5800x1008 | dyslexics.
What he said :-) I'm aware of 4 other successful prosecutions in Canada
in the last 10 or 12 years. We did one of them back in 92/93 as did UBC across
town in 95 and the U of Manitoba (I think) did one about 99 all thinking we
were first (except UBC) and finally there was mafiaboy in the last couple
of years. From the one we did, unless you are the start of the chain its
hopeless, our boy never did anything (except the initial breakin to get an
account to use) here. He looped through a minimum of 5 compromised systems
(most without logging) before cracking. If you caught his crack on the end
machine the traceback would be basically impossible because of the lack of logs
in the middle machines.
It was also as Pete said a huge amount of work. The upside is we so far
haven't had to repeat. There was a huge drop in trouble just after the
procsecution became public in 95. That is probably also in part due to the fact
that we (and UBC) stopped being the only Internet source in town about that
time and it (was and is) much safer to crack from one of the local ISPs or now
days a cable modem or ADSL connection than us.
Peter Van Epp / Operations and Technical Support
Simon Fraser University, Burnaby, B.C. Canada
More information about the unisog