Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ask Slashdot: Dealing With Unwanted But Official Security Probes?

Posted by timothy on from the surely-you-have-nothing-to-hide dept.

An anonymous reader writes "I manage a few computers for an independent private medical practice connected to a hospital network. Recently I discovered repeated attempts to access these computers. After adjusting the firewall to drop connections from the attacking computers, I reported the presumed hacker IP to hospital IT. I was told that the activity was conducted by the hospital corporation for security purposes. The activity continues. It has included attempted fuzzing of a web server, buffer overrun attacks, attempts to access a protected database, attempts to get the password file, etc. The doctors want to maintain a relationship with the hospital and are worried that involving law enforcement would destroy the relationship. What would you advise the doctors to do next?"

2 of 238 comments (clear)

  1. Re:Is this not your local net police? by ColdWetDog · · Score: 5, Funny

    Just make it look official and let everybody know you're using all the most modern coding tools. For example, your mythical patient could suffer from a burn due to water skis being on fire (ICD 10 code V91.07XA). Or he could have been attacked by a turtle (W5921XA).

    Real codes, but it would be rather unlikely to find such traumatic incidents in actual medical practice.

    --
    Faster! Faster! Faster would be better!
  2. Oh for some mod points ... by hedronist · · Score: 1, Funny

    This!

    I checked the codes and they actually do mean that.
    Elegant, classic, subtle, in-your-face.

    +10!