story (Score 5, Interesting)

I'm just a grad student, and one day, I installed something (I think it might've been an nfs server) without firewalling it (I did some sort of thing which had the deamon reject connections from outside my subnet). I was hacked. Funny thing is, they went straight from my machine to my roommate's, an old 486 which was also a webserver. From my roommate's machine, the hacker served a rootkit (cleverly named "..." in the root html directory).

Enter the FBI, who showed up in my roomate's lab asking about his computer (amoung other things). Picture yourself a grad student answering his lab door to find men in suits (an uncommon experience) who say they're part of the FBI (also uncommon), and mean it (still less common). After some questions, it was hesitantly established that my roomate was not the hacker serving root kits from his home computer.

From there, the FBI (with our permission) bugged our appartment. They put a "tap" in our appartment, which consistend of a special switch and a *very* loud windows machine that sat on our internet connection listening for hacker activity. The installation of the tap involved 7 FBI agents, none of which new nearly as much as my roomate about networking (that the broadcast ping couldn't get through their special switch with the word "tap" on it was a real mystery). Neadless to say, I didn't fool around with bittorrent or the like durring that time.

After a month or two, they caught the hacker (who was sweedish, apparently), and eventaully prosecuted him successfully.

Point is: sometimes it is useful to not reinstall immediately when hacked -- it can result in a good story :)