Tracking the hackers
This article is about tracking down the person or persons who have successfully attacked one or more of your computer systems. We will not be explaining how to secure your Web servers but rather how to prepare for the eventuality that they fall under someone else's control.
You need to be prepared for an attack so that when someone breaks into your essential systems you can respond as quickly and rationally as possible. Panicking can result in lost forensic evidence or, even worse, lost business. You can't leave your compromised Web host visible (and risible) on the Internet but you shouldn't blindly restore a backup and assume that the hacker won't repeat his actions either. There's been a problem and your job is to fix it as fast as possible and ensure it never happens again. After that you can choose whether or not to track down the perpetrator. But before you kick off a major police investigation there are some serious issues to consider.
The link for this article located at transceiver.co.uk is no longer available.