Not being a lawyer but interested in the prosecution of criminals, I would be inerested to see any comments on the necessary evidence required to bring a case against the perpetrator. One of the problems that we have with a denial of service attack is the lack of a trail to follow. If we have no evidence trail, what can be done? Robert Parker AXENT Technologies ______________________________ Reply Separator _________________________________ Subject: Re: Update on mail bombing threats--not so funny Author: ids@uow.edu.au at ccgate-ut Date: 1/23/97 1:13 PM >Uhm, read the USCS 1029 and 1030. They have to do with illicit >access devices, applicable to passwords, credit card numbers, >etc. Sending someone email has _nothing_ to do with access >device fraud. Read. Think. flaming people who talk about law >but are basically clueless, Max 1. I don't believe I flamed anyone. I have that skill, but would like to think, seldom used. And IDS is among the *best* of all the lists I read for content quality and flame retarding properties (pat on back, Mod). 2. 18 USC 1029 was not mentioned because it does not apply to the original incident description. You are correct IRT access device and this citation, but access device misuse was never an issue. 3. What *is* an issue is denial of service which in my experienced opinion is included in 18USC1030 especially with the 1994 and 1996 amendments. The original incident description indicated to me a deliberate effort to attack the victim for their refusal to carry a particular web page/site. The attack consumed considerable resources of the company to react to the attack and denied service to both users and customers. While not addressed in the original Public Law, the 1994 amendments broadened the law and specifically included language to address DoS attacks (and some pretty poor wording on viruses but that's off-topic and has been changed now anyway). The Economic Espionage Act from last year changed the wording and paragraph ordering of the law and AFAIK has not yet been published as codified law (I checked on two net archives for the USC two weeks ago, but have not checked Lexis or Westlaw which will probably have it first). You can pull a copy of last year's Act from Thomas and then do a cut and paste with your favorite text processor. ___________________ Dave Kennedy CISSP Protect what you connect Look both ways before crossing the Net National Computer Security Assoc 76702.3557@compuserve.com