[631] in Intrusion Detection Systems
Re: Question. (Was re:hacker's intro)
daemon@ATHENA.MIT.EDU (Chris Steel)
Fri Feb 23 02:15:36 1996
Date: Thu, 22 Feb 1996 15:33:06 -0500
To: ids@uow.edu.au
From: csteel@teir.com (Chris Steel)
Reply-To: ids@uow.edu.au
>4) This whole thread is getting far afield of IDs. I already dropped
>my subscriptions to several other security mailing lists because they
>had a high noise level from people who had installed "crack" and
>"COPS" and thus decided they were security experts. Please let's not
>let that happen to this list too? Can we please go back to intrusion
>detection as a topic?
>
>For instance, let's get back to the fact that more than 75% of system
>abuses in typical commcercial environments comes from insiders. Is
>anyone looking at what is different about these insiders that can be
>detected or monitored?
>
>--spaf
>
I agree that the noise level is a little high. I joined the list to learn
more about IDS and security (I have installed crack and COPS but don't
consider myself a security expert yet). What about sniffing inside a
firewall. Is there any way yet of possibly detecting a sniffer?
-Chris
-------------------------------------------------------------
Thomson Electronic Information Resources
205 VanBuren Street
3rd Floor
Herndon, VA 22070
(703) 736-1784
csteel@teir.com
http://amra.labs.thomtech.com
-------------------------------------------------------------
