Re: [cobalt-users] Standard email after attempted HAQ

["Carrie Bartkowiak" <ravencarrie@xxxxxxxx>]

> This is my proposal for sending an email to admins after
> scans of my system

Looks great, with a couple of additions (see below):

> The attempt was logged as an Active System Attack Alert.

I would change this to just say "Active System Attack".

>Please could you
> ascertain who was using your IP at this time. It may well be that it was
> none of your users, but that the security of your own system has been
> compromised in some way, leaving it open to use by unauthorised persons.

Here I would add:
The referenced logfile entries are included at the bottom of this letter for
further information. We would appreciate any help you can give us in
bringing this activity to an end, including detailed information on the user
that we may forward to the proper authorities, as well as any actions taken
by yourself to insure the cessation of  this breach of security.

(Or something like that, I literally just woke up [doing that 'when you get
up in the middle of the night and check email on the way to the...'] and my
head is still swaying - I've caught myself having fallen back asleep twice
just while typing this and am going back to bed!)

> Thank you in advance for your

Thank you in advance for your time and...

>assistance in helping to eliminate
> illegal and dangerous activity.
>
> Regards
> Leonard Payne

Here you could put a title, such as "Systems Administrator" or
"YourDomain.Com Security", as well as your website addy and a 'security@' or
'abuse@' email addy (don't forget to add that pop/alias to your site, and
send it FROM that address, too! [Rather than your normal or home addy]).
Like:

Regards, (or Sincerely,)
Leonard Payne
Systems Administrator
http://www.whateveryour.domain
security@xxxxxxxxxxxxxxxxxxx

> Any thoughts ladies and gents ??

You just got 'em... <grin>
Thanks for writing this!

CarrieB