Forensics on Virtual Private servers [closed]
Posted
by
intiha
on Server Fault
See other posts from Server Fault
or by intiha
Published on 2012-10-04T07:07:19Z
Indexed on
2012/10/04
9:40 UTC
Read the original article
Hit count: 193
So these days with talks about having hacked machines being used for malware spreading and botnet C&C, the one issue that is not clear to me is what do the law enforcement agencies do once they have identified a server as being a source or controller of attack/APT and that server is a VPS on my cluster/datacenter?
Do they take away the entire machine?
This option seems to have a lot of collateral damage associated with it, so I am not sure what happens and what are the best practices for system admins for helping law enforcement with its job while keeping our jobs!
© Server Fault or respective owner