Time to test the water out there…
SITUATION: A machine is executing ongoing script-based attacks on your network servers.
You know, by analysis of the traffic hitting your servers from the machine that it is infected with “X”. You also know that machines infected with “X” have given full control to anyone on the Internet who knows how to take it.
This attacker is significantly degrading your Internet capabilities as a businessand your livelihood.
The machine’s owner has been notified and has failed to take appropriate action to stop the attacks (Within 24 hours).
SOLUTION? Use the established security hole in the machine to set it to automatically shutdown on every boot-up and then issue a shutdown command to the machine (effectively removing it from its ability to attack you and impded your businesses success.
Would this be protecting your business, or lowering one’s self to the level of the person who compromised the server in the first place? Where do you stand?
