[649] in Intrusion Detection Systems
Re: [AFWD] Re: Question. (Was re:hacker's intro)
daemon@ATHENA.MIT.EDU (Robert Angelino)
Thu Feb 29 10:27:54 1996
Date: Mon, 26 Feb 1996 08:52:24 -0800 (PST)
From: Robert Angelino <robert@puente.jpl.nasa.gov>
To: ids@uow.edu.au
Reply-To: ids@uow.edu.au
>>>For instance, let's get back to the fact that more than 75% of system
>>>abuses in typical commcercial environments comes from insiders. Is
>>>anyone looking at what is different about these insiders that can be
>>>detected or monitored?
>>>
>>>--spaf
>>>
>>
>>I agree that the noise level is a little high. I joined the list to learn
>>more about IDS and security (I have installed crack and COPS but don't
>>consider myself a security expert yet). What about sniffing inside a
>>firewall. Is there any way yet of possibly detecting a sniffer?
>>
>>-Chris
>
>
>Chris,
>When you begin installing sniffers within your organizations, you need to
>look at the issue of violation of an individuals privacy. ***Now before you
>go ranting*****, allow me to explain...
>Justification is the only weapon you will have when you approach your
>"boss", at whatever level that might be in gaining aproval for such a tool
>to be used. If prior approval is not obtained and one of the "users" finds
>out...there will be hell to pay in explaining why you were not just
>targeting one workstation...or any number of other questions which are bound
>to pop up.
>
>My basis for my statement is based on the fact that I work for the DoD and
>this is a CRITICAL element when we are looking at a system/site.
>
>Tony
Tony,
Are there any laws (federal or state) or cases you know of that cover
this issue of monitoring users with or wihtout their permission??
-robert
