Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ask Slashdot: Dealing With Unwanted But Official Security Probes?

Posted by timothy on from the surely-you-have-nothing-to-hide dept.

An anonymous reader writes "I manage a few computers for an independent private medical practice connected to a hospital network. Recently I discovered repeated attempts to access these computers. After adjusting the firewall to drop connections from the attacking computers, I reported the presumed hacker IP to hospital IT. I was told that the activity was conducted by the hospital corporation for security purposes. The activity continues. It has included attempted fuzzing of a web server, buffer overrun attacks, attempts to access a protected database, attempts to get the password file, etc. The doctors want to maintain a relationship with the hospital and are worried that involving law enforcement would destroy the relationship. What would you advise the doctors to do next?"

2 of 238 comments (clear)

  1. Re:Is this not your local net police? by Gothmolly · · Score: 5, Interesting

    Block them anyway; claims it's part of your normal operations. Hint: they're probably stupid enough to use 1 or 2 IPs.

    --
    I want to delete my account but Slashdot doesn't allow it.
  2. Re:Is this not your local net police? by Hizonner · · Score: 5, Interesting

    They're not auditing their security. They're auditing somebody else's security. "Independent private medical practice" means a separate corporation that happens to have a network link. Not "within their rights", and not legal, either.