[598] in Intrusion Detection Systems
Re: Question. (Was re:hacker's intro)
daemon@ATHENA.MIT.EDU (Gene Spafford)
Wed Feb 14 22:15:46 1996
To: ids@uow.edu.au
In-Reply-To: Message from "G.h.van den Berg" <guy@net-prophets.co.uk> of
"Tue, 13 Feb 1996 21:42:58 +0000"
<199602141424.BAA28005@wyrm.cc.uow.edu.au>
Date: Wed, 14 Feb 1996 11:53:39 -0500
From: spaf@cs.purdue.edu (Gene Spafford)
Reply-To: ids@uow.edu.au
"G.h.van den Berg" <guy@net-prophets.co.uk> said:
> I was just wondering who you thought found any of the holes in the first
> place? It sure as hell isn't down to all you so called security consultants!
If not, you aren't using very good consultants. People with proper training kno
w how to a proper analysis, and looking for software bugs is only a small part o
f that. Most hackers have little training in protocols, standards, or analysis,
and they don't get the big picture either.
This is not germane to intrusion detection, so further comments should probably
be taken to e-mail.
--spaf
