uh, heavy to find a good subject for this thread...
however...i will try carefully speaking about.

lets say,
you found a IP in your logfiles to many times,
portscanning your host, trying passwords and so on.

what would you do ?

yes, you would say:
"Let us have a look on it !"

"What ports are open there?"

let's say,
you scanned the host and the only thing you found compromisable
is a anonymous ftp server.
you would login to see whats goin on there, won't you?

but, and thats my question,
what would YOU do if you'd found a way related on the stored files there
to gain administrative rights on that host ?
would you tell the admin there how to compromise his machine ?
may be the machine is beeing used for bad things by UNKNOWN,
the admin could say that YOU have done all that **** there...!?

please tell me what you think about.

and, please please do not answer me like:
"send him your logs" (to show him his machine is goin deep into abuse)
or something equal 'cos i wasn't never in such a situation
and i never ever wasn't there to try getin in.

thanks to you by treating it like never happened ...

stanger