?
Solved

FTP Tagged...

Posted on 2003-03-11
7
Medium Priority
?
361 Views
Last Modified: 2010-04-11
Hi,

we just recently had our FTP server "attacked" and tagged, this led to about 14Gb of stuff being uploaded and shared from our server, all before we noticed it. The problem was caused by incorrect permission inheritence on the ftproot and pub folders, since then its been fixed, i deleted the tagged folders and the uploaded warez (folders with reserved names/special characters) using the dos command "rd /x 'directory'"

now, i have the logs from all the transactions from around that time, and with that a list of IP addresses/dates/times. I know that a given ISP can trace the exact user to IP address if they have a time, what I am asking is that should we submit the offences (uploaders) to the relative ISPs or should we get in contact with an authority in regard to piracy (files included games/movies), and if so, who/where?
0
Comment
Question by:sKuLLsHoT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 9

Expert Comment

by:TooKoolKris
ID: 8117021
You had the right idea by informing the ISP first because technically it was on their network. Usually this will due the trick as most ISP don't tolerate this behavior, it leads to liability issues. Don't be mean with them but be stern that you will press charges against them the next time if they don't do anything about it.

Most cable modems and DSL subscribers are obviously DHCP clients but the leases normally last for about 12 hours and most of the times they retain the same IP. If you can narrow down the time to about 12hrs they should be able to trace as they are required by law to retain logs for a certain amount of time.

This should do the trick it has for me in the past. If you think for one minute that the ISP is trying to blow you off just have your company legal counsel make one phone call to the ISP. Is the ISP an American ISP or another countries? If outside the USA you might run into a harder time.

Hope this helps,

TKK
0
 
LVL 1

Author Comment

by:sKuLLsHoT
ID: 8117448
it was an assortment of canadian, american, russian, and french ISP clients (mostly cablers) involved in the various activities.
i figure international legal action is a little far-fetched, but reportin straight to the ISP should still require action due to the nature of the material moved around - again im not sure on what other countries do for AUP's. not worth a mention to some form of media group like riaa or somefin? where would i do that?
0
 
LVL 9

Expert Comment

by:TooKoolKris
ID: 8119056
Not sure I understand your question, what is AUP & RIAA?
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 1

Author Comment

by:sKuLLsHoT
ID: 8123454
Acceptable use policy, recording industry association of america or somefin like that..

any authority for copyrighted material i should contact is pretty much the question now
0
 
LVL 9

Accepted Solution

by:
TooKoolKris earned 50 total points
ID: 8123800
Oh, I wouldn't waste my time with that because they are so busy trying to shut down those they do know about. Have you ever used mIRC? This is nothing but warez and piracy everybody knows about it but there is nothing they can do. There is just too many of them for the companies to trace. They mostly spend their time going after those who try to profit off of illegal software. You here about a bust every now and then and when they get caught boy do they stick it to them, lol. You can shoot the BSA an email if you want, maybe they will follow up on it, maybe not.

http://www.bsa.org/

TKK
0
 
LVL 1

Expert Comment

by:Harry-Finn
ID: 8134087
Just Forget about it.

I would lock now anonymous access on your FTP.

These people are mostly 13 year olds who cant be touched by the law anyways.

In the mean time enjoy the 14GB they uploaded to you.

0
 
LVL 1

Author Comment

by:sKuLLsHoT
ID: 8148999
i just got a couple of accounts canceled at a few ISPs might look into other stuff but for now, the message i have left on the server for anyone that tries to access it should give them a hint - we need the anonymous ftp server for some services provided for our clients - we dont however need the anonymous users to upload to our server - thats all fixed now.

thankz
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Check out the latest tech news, community articles, and expert highlights in August's newsletter.
If you're a modern-day technology professional, you may be wondering if certifications are really necessary. They are. Here's why.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question