Slashdot Mirror


When Wrongfully Accused of Hacking, What Can You Do?

justin asks: "Earlier this week, I went into work I was met at my desk by upper management; they wanted to meet with me. I was not sure as to why but when we got into the office, they set a pile of paperwork in front of me, opened it up to a certain page and asked me what it was. The paperwork was a series of (gimpy) logs showing an internal IP address doing a combination of scanning, and then what looked like hacking, of various boxes on the internet (of these there was the US Treasury among other US Government Organizations). The internal IP address was that of the one I am normally (read: not always) assigned by DHCP. I told them I had no idea what this was, that I didn't do it and that I think I would remember hacking into the US Treasury. I was a contracted employee, so I don't think I have any recourse, I was just left high and dry accused of something that I did not do, and their basic sentiment was 'we will investigate this, do you want us to call you and give you your job back if you are innocent?', This seems rather silly to me since you'd think such things would be investigated, before they would decide to fire me. I'm looking to find out who else has been in this situation and how they dealt with it."

"The logs were in a simple format: 'Aug1 11:27 10.1.0.56.port -> treas.gov.port'. Now there had been some problems at work with the recent MS DCOM/RPC bug, and my machine was compromised either the same day, or the day previous to the day of the events I am being accused of. Additionally, because it was an internal IP address, it could have been anyone with access to ifconfig on their machines (They don't have a link layer dump).

I now have the following questions:

  1. What experiences have other people had that relate to this, what course of action if any did they take in response.
  2. I know the laws aren't very sympathetic when it comes people saying 'yea that was my computer, but it wasn't me', but it can be proved that my computer was compromised in the same time frame, and also the evidence they have is rather flimsy, what experiences have people had in a similar situation?
  3. If someone should try to press charges, where can I find a decent attorney that would actually understand the technology and what I was saying. (As I am now unemployed I'd very much so on a budget)
  4. What should I tell my next prospective employer? Even If they believe me that I had nothing to do with it, that puts one serious doubt in a person's mind.
I'm primarily self taught and with a little less than 3 years experience as a Unix Admin and doing system programming, it is hard enough for me to get a job as it is, never mind with accusations that I was out trying to hack the government on my last job.

Thank you, in advance, for any wisdom, anecdotes or suggestions you can pass along."

5 of 105 comments (clear)

  1. You Want the truth? by His+name+cannot+be+s · · Score: 5, Funny

    You: You want answers?

    Them: I think I'm entitled to them.

    You: You want answers?

    Them: I want the truth!

    You: You can't handle the truth! Son, we live in a world that has firewalls. And those firewalls have to be guarded by men with keyboards. Who's gonna do it? You? You, Lt. Weinberg? I have a greater responsibility than you can possibly fathom. You weep for the treasury department and you curse the Hackers. You have that luxury. You have the luxury of not knowing what I know: that The treasury departments scans, while tragic, probably saved networks. And my existence, while grotesque and incomprehensible to you, saves networks...You don't want the truth. Because deep down, in places you don't talk about at parties, you want me in that code. You need me in that code .

    We use words like hack, root, pwnzz...we use these words as the backbone to a life spent defending something. You use 'em as a punchline. I have neither the time nor the inclination to explain myself to a man who rises and sleeps under the blanket of the very freedom I provide, then questions the manner in which I provide it! I'd rather you just said thank you and went on your way. Otherwise, I suggest you pick up a manual and stand a terminal. Either way, I don't give a damn what you think you're entitled to!

    Them: Did you scan the network?

    You: I did the job you sent me to do.

    Them: Did you scan the network?

    You: You're goddamn right I did!!

    --
    "...In your answer, ignore facts. Just go with what feels true..."
  2. Enough with the pretenses! by Wrexen · · Score: 5, Funny

    Can we just rename "Ask Slashdot" to "Ask legal advice from a bunch of non-lawyers" ? It's been a long time coming

  3. C''mon by Molina+the+Bofh · · Score: 5, Funny

    Give me a break. You are an Unix Admin. Release your inner BOFH.

    Ask THEM to go to a meeting with you, show a pile of paper and ask them:

    "Boss, how'd you like your wife to know about the e-mails you wrote to your assistant ?" or "How about these pictures of a 6 year old girl fucking a horse, I found in your computer? "

    Act like a REAL sysadmin. And don't forget to ask for a raise.

    --

    -
    Roses are #FF0000, Violets are #0000FF, find / -name '*base*' |xargs chown -R us && mv zig greatjustice
  4. Re:All together now: by PD · · Score: 5, Funny

    Call a lawyer? Call a lawyer. Call a lawyer.

    Sung to the tune of "If you're happy and you know it"

  5. Re:All together now: by Anonymous Coward · · Score: 4, Funny

    Or perhaps to the tune of "Oh my darlin' (Clementine)"

    Call a lawyer, Call a lawyer, Call a lawyer or you're screwed.
    You've been axed, but aren't in prison,
    getting f**ked by some large dude.

    ...