[646] in Intrusion Detection Systems
Re: I'm with Gene
daemon@ATHENA.MIT.EDU (Dan Stromberg)
Thu Feb 29 09:59:39 1996
Date: Mon, 26 Feb 1996 09:01:47 -0800
From: Dan Stromberg <strombrg@test34a.acs.uci.edu>
To: ids@UOW.EDU.AU
Reply-To: ids@uow.edu.au
serw30@gibson.cioe.com wrote:
> >1) Network security is a key to a secure working enviroment. Do not
> >leave simple things uncovered. example Novell is a batchfile OS so
> >secure it, do not allow users to execute it's sudo-dos commands.
> > 2. I'm not a windows expert but i've hear NT has a good passwd
> >program unlike Novell which is all text based.
'last I heard, it allowed access if you mistyped your password a
couple/few times.
> position is much better than someone trying to pull off a simple social
> engineering ploy. The trick is detecting a change in their actions or
> routines that will indicate a willingness to abuse the system. Does anyone
> profile known abusers after the fact, to determine some common theme of
> behavior amongst them?
The common behavior is: they all break into systems.
Ya gotta be careful when setting up "cracker profiles"; there's a pretty
high potential for misuse.
