[766] in Intrusion Detection Systems
Introductions
daemon@ATHENA.MIT.EDU (-= IDS Moderator =-)
Sat Nov 23 15:19:02 1996
From: ruf@uow.edu.au (-= IDS Moderator =-)
To: ids@uow.edu.au (Intrusion Detection System Mailing List)
Date: Sun, 24 Nov 1996 03:14:10 +1100 (EST)
Reply-To: ids@uow.edu.au
-----------------------------------------------------------------------------
Message-Id: <199611200903.2820@ecr.mu.oz.au>
From: "Ilya Joel-Pitcher." <ijoelp@ecr.mu.oz.au>
g'day
I'm an Australian computing student. I have also just recently got a job
for a computing comapany and are responsible for Network maintainence.
Most of it is on NT 4.0 but particular concerns are the Internet aspects of
our site (web server, ftp server and so on)
Ilya Joel-Pitcher
-----------------------------------------------------------------------------
Message-Id: <32932A83@mnbp.network.com>
From: "Russell J. Dwire" <dwirerj@vavi.network.com>
Folks,
My name is Russell Dwire. I'm a System Security Engineer working Network
Systems Corp. (www.network.com)
There is a paradigm shift occurring within the Information Security
arena. The shift is called Intrusion Detection and Response . It is
occurring because the Information Security Industry has come to the
realization that the present security devices are not able to react
dynamically to the ever changing system and network security vulnerabilities
which are exploited by unauthorized individuals or organizations attempting
to compromise the existing networks. The vast majority of the current
security devices attempt to prevent unauthorized users from infiltrating the
networks or systems. Additionally, they usually passively audit traffic
flowing through their systems. Finally, this information gleaned from the
security devices must be reviewed and analyzed by human intervention to
ensure no anomalies are present. There isn't anything a Information
Security member can accomplish after an event has occurred, except damage
assessment and then try to recover from it as much as possible. I
continually communicate with peers who are within the Information Security
industry, and they have said they are also searching for ways to provide the
real time intrusion detection and response. If an individual or agency
desires to compromise a network. There isn't a way to prevent that from
becoming a reality. Current devices are capable of slowing an individual
down, but if they are determined, they will be successful. This is one
justification for the need to provide real time detection and response.
My company Network Systems Corporation (www.network.com) and Wheelgroup
are presently leveraging the NetRanger product by filling the current void
in the Information Security arena. NetRanger is able to audit and respond
to unauthorized communications at Real-time.
Enough of my propaganda! Seriously, I believe we are coming upon a new era
within Network Security and intrusion detection is the key.
Russell Dwire
russell.dwire@network.com
-----------------------------------------------------------------------------
Message-Id: <Chameleon.961120133729.gary@crumrig.fadpc.im,us-state.gov>
From: crumrig@us-state.gov
Sorry that I did not give you much of a description in my first message.
For all of you out there, My name is Gary Crumrine, I work at the US State
Department managing their internet firewalls. My experience comes from 20
years of computer programming in the military (Yes I know what a punch card
is)and then growing to networking/ administration/design etc... After
retiring from the Military, I have sold my soul to the highest bidder and
now work in Washington, DC. as a beltway bandit as we like to be known as.
Great market! As long as you don't have to live there.
I am always on the look for information on how to catch the bad guys.
Looking forward to listening in on the list. I promise not to flame or
spam the unclean.
-----------------------------------------------------------------------------
Message-Id: <1.5.4.32.19961120220643.002d5ae8@mail.metro.net>
From: "Patricka@immecor.com" <patricka@immecor.com>
Hello, I'm Patrick Allen, a computer technician from California. I'm
interested in information about making the web site for the company I work
for secure and hack-proof.
Patrick
-----------------------------------------------------------------------------
Message-ID: <3293E727.47F5@pc.jaring.my>
From: David Leong <davl@pc.jaring.my>
Hello, my name is David from Taylor's College in Malaysia currently
studying for my A-Levels there. I am interested to know more about
computer security as I hope that whatever I can learn from here will be
useful when I further my studies in computers.
David.
-----------------------------------------------------------------------------
Message-ID: <Pine.LNX.3.94.961121103537.6422A-100000@arlecchino.comedia.it>
From: Andrea Rizzi <memory@comedia.it>
ok you want know what i think and what i do and so ...
1) i like learn something about intrusion detection system,because i'm new
in this scene.
2) i like understand something about the net and in particular about
backdoor.
3) i'm student and i'm developing software in Java(since 8 weeks
ago),before this work , i wrote some intros e demos in asm x86 language
i make some interesting thing with ASM :-).
4) that's all, now am i in?
byez
-----------------------------------------------------------------------------
Message-Id: <9611211244.AA04393@donald.univ-poitiers.fr>
From: Jean Michel Doublet <doublet@donald.univ-poitiers.fr>
Hello,
My name is Jean-Michel, and i'm a french student.
I'm very interest by security information because i want to be system
administrator.
Too much system administrator thinks that their site don't need to be protect
seriously. But when a hacker comes in their system is a big surprise.
Me, i don't want to be surprised so i subscribe to mailing list to learn
more and more.
Sorry, for my horrible english :-)
Bye
-----------------------------------------------------------------------------
Message-Id: <0033000001910855000002*@MHS>
From: WWEBB1@email.usps.gov
I'm a Special Projects Team Leader with the Field Service Computing
Center, DEC Systems Support, United States Postal Service.
While system security is not a primary aspect of my job, I have been a
system manager in former positions, and I do work closely with our
data security types.
I believe that it's important to know what the "bad guys" are up to,
even if one's own system or OS isn't directly affected.
----------------------------------------------------------------------
William W. Webb <wwebb1@email.usps.gov>
Field Computing Service Center - DEC Systems Support
National Information Systems Support Center, USPS
-----------------------------------------------------------------------------
Message-id: <01IC3P9EEBAA9BVGV6@admin.usask.ca>
From: "TERRY (TR) ROEBUCK; 966-4841" <Terry.Roebuck@usask.ca>
In keeping with the "open" spirit of this list, my introduction/short resume
follows. I am a grad of the U. of Sask. and have been working here ever since
in a variety of jobs all within the data processing area (I started in 1969 and
have never got out -- I think if I would have shot some one I would have been
out of jail by now :-). I have a various times been a programmer, a programmer
analyst, a systems analyst, a manager, and now "I is a consultant". Since 1984
I have been also teaching Business Systems Analysis (yes, still here at the
University). My current areas of expertise include telephone and IVR systems,
business systems analysis and crime analysis. For the past 3 years I have been
involved in electronic investigations (computer fraud, e-mail based
harrasement, telephone frauds, risk analysis, copyright violation and
investigations of computer breaches).
My interest in this list is probably obvious. I do not wish to stiffle the
free flow of ideas on this list, and certainly am not "policing" list users; I
do however, have strong views about computer systems security (and the lack
thereof). I know that there is a strong temptation for people to "push the
envelope" in all fields of human endeavor -- that, in fact, is probably one of
the few things that might save our race -- and computers and security is no
exception (in both offering a strong temptation for exploration and possibly
saving the race -- deep thought?). So call me a learner; I know that the area
of computer security is already too broad to be encompassed by any individual
and so I choose to seek understanding in the skills of investigation of
incident; as the deputy chief here said "you gotta take a cop and teach'em
computing or you take a geek an teach'em to be a cop" (this quote will probaly
get me into trouble and does not do justice to the originator ;-)
My long form signature follows:
Terrance (Terry) Roebuck
"A man with too many hats, including..."
Systems Analyst; Consulting and Development Services
Dept. of Computing Services
Lecturer (Business Systems)
Dept. of Computational Science
Consultant/Crime Analyst
Dept. of Security Services
-- University of Saskatchewan --
Room E 181 -- Administration Building
Saskatoon, Saskatchewan, CANADA S7N 1L9
(306) 966 4841 FAX: (306) 966 4938
terry.roebuck@usask.ca
[By the time you have read this, your PC has gone out of date]
-----------------------------------------------------------------------------
Message-ID: <vines.Wg06+km8ZmA@smtpho.tnc.org>
From: bcheng@tnc.org
Hi,
I'm just a Technical Webmaster/network manager of Internet services at my
organization. My main interest on this list is to further expand my knowledge
on the tools and techniques of intruder detection (and possibly some hacks
that I don't know).
In addition to the various security precautions on my Internet servers, I
write simple scripts to analyze my log files and receive daily reports via
email so I don't have to parse through them everyday.
Thanks,
Bruce
Bruce Cheng, Inter-networking Specialist
The Nature Conservancy, Conservation Science Division
e-mail: bcheng@tnc.org, voice: (703) 841-2726, fax: (703) 525-8024
*****> The views expressed are strictly those of the author <*****
-----------------------------------------------------------------------------
Message-Id: <2.2.32.19961122183112.0101a2dc@kc.grapevine.com>
From: Doug Orndorff <doug_o@kc.grapevine.com>
My name is Doug Orndorff, I am a 3rd yr. computer science student with a
strong interest in system administration and computer security. I am hoping
to convert the degree and interest into a real job.
Thank You
Doug Orndorff
-----------------------------------------------------------------------------
Message-Id: <3296F330.57BF@mbox.vol.it>
From: Nibble <Nibble@mbox.vol.it>
Hi there !!!
My id is Nibble... I'm really interested in detecting intruders
and undertsanding how they work.
I am a graphic label engineer, but my interests are lots and various...
This is one of them...
I thank you all for this kind of
service.
Mailing lists are really useful.
...obviously...I live in ITALY...
El Nibble che te rosega anca e sate dee careghe...
@@@ @@@ @@@ @@@@@@@ @@@@@@@ @@@ @@@@@@@@
@@!@!@@@ @@! @@! @@@ @@! @@@ @@! @@!
@!@@!!@! !!@ @!@!@!@ @!@!@!@ @!! @!!!:!
!!: !!! !!: !!: !!! !!: !!! !!: !!:
:: : : :: : :: :: : :: : ::.: : : :: :::
Chi de gaina nasse... sgrafa par tera...
-----------------------------------------------------------------------------
--
+---------------------+--------------------------------------------------+
| ____ ___ |-= Justin Lister email: ruf@uow.edu.au =-|
| | \\ /\ __\ | Center for Computer Security Research (CCSR) |
| | |) / \_/ / |_ | Dept. Computer Science, University of Wollongong |
| | _ \\ /| _/ | ZenMsg: Computer Security a utopian dream.|
| |_/ \/ \_/ |_| (tm) |-= prefix: +61-42 =- Disclaimer: dream own risk.|
| |-= fax: 214329 mobile: 0412139269 voice: 835114 =-|
+---------------------+--------------------------------------------------+
