| Hehe, this reminds me of the time some stupid IT major here on campus was doing illicit port probes for a couple remote-control trojans. He was running them on his own subnet, no less. I picked up the attack in BlackICE's logs.
With a little help from the housemate with the server (he works for the campus computer management/helpdesk people), I got his campus computer network username, then used LDAP to find out his name, campus address, phone number, AIM name, email address, etc.
I ended up sending him an anonymous email with the times he probed my machine, a lot of the above info, and a suggestion he quit probing machines, lest he be reported and booted out of school. And I mentioned that, under the US Patriot Act (IIRC), such attacks could be construed as terrorism and he could be put away for a very long time. :) |