RE: Email Hack: Help.

• To: "'Security Mail" <www-security@ns2.rutgers.edu>
• Subject: RE: Email Hack: Help.
• From: "Hamilton, Ed @ OTT" <EHAMILT@mtl.unisysgsg.com>
• Date: Wed, 26 Jun 96 08:14:00 EDT

Canada and the US have a join agreement to prosecute offenders.  However, it 
will be difficult to do too much to this individual, as the only real crime 
is theft of computer resources.  I am not quite sure how you determined the 
location of the individual, but you may want to disallow any access from 
specific IP addresses related to the location that you say is from Canada.

 --- Ed.
 ----------
From: owner-www-security
To: World Wide Web Security
Subject: Email Hack: Help.
Date: Monday, June 24, 1996 12:42PM

Hello Everyone,

We've got a problem here with a hacker. There's some punk
apparently hacking a mail server somewhere and sending BS postings all over
the net regarding get rich quick schemes, etc - from a non-existent
account on our server. They've done it twice so far, from two different
non-existent accounts.

1. Is there any authority who we can call about this type of incident?
2. What are the methods one uses to do fake these FROM fields? And is
   there a way to prevent it?
3. What are the limits of prosecution available, is it typical US justice
   where even if they're caught red handed, nothing is done?

In addition, the culprit is apparently from Canada (from one of the
mail-me-some-cash addresses contained in the get-rich-quick letter)...which
is a long drive, but not so long that I won't make it to solve this
problem if necessary.

All information will be greatly appreciated.
Best regards,
Doug

• Previous: SSL testing
• Next: Re: SSL testing
• Index(es):
  • Index
  • Thread