[TriLUG] stollen computer
Wed, 3 Oct 2001 14:53:45 -0400 (EDT)
On Wed, 3 Oct 2001, Rodent of Unusual Size wrote:
> Mike McLean wrote:
> > I wouldn't even call it hacking. It sounds like the
> > accounts are still intact -- he'd just be logging in
> > to his own accounts.
> Ever heard 'possession is nine-tenths of the law?' It's
> no joke -- don't screw around with this. Don't log
> in, don't do anything intrusive at all, until you get
> a go-ahead from the FBI. Otherwise a very reasonable
> case could be made that *you're* cracking.
This assumes that the owner of the new computer isn't going to reimage it
with Windows 98 tomorrow.
You can gather evidence that proves that your hardware is located on this
fellow's network. Take a snapshot of the shadow file - if you know your
passwords, I'm sure that would stand up in a court of law. Gather any
evidence that includes the mac address of the machine.
But.....don't do anything vengeful. Like I said before, the guy who is
using your computer in Reston, VA is most likely NOT the guy who stole it
out of your apartment in Chapel Hill, NC.
> Ping and traceroute should be okey, though. :-) But IANAL,
> nor a LEO.
> #ken P-)}
> Ken Coar, Sanagendamgagwedweinini http://Golux.Com/coar/
> Author, developer, opinionist http://Apache-Server.Com/
> "All right everyone! Step away from the glowing hamburger!"
> TriLUG mailing list