"Security through obscurity" is risky. I agree you must address prevention, but you don't need to worry about the ones you keep out. You need to be concerned about those that manage to get in (or the ones that were already in to begin with). "sniffing" and "spoofing" seem to have caught everyone's attention, and rightfully so. Jim T ============================================================================== Michael S. Hines <mshines@ia.purdue.edu> writes - > > I also montior the firewalls list (@greatcircle.com) and view that as a > "prevention" method rather than as a detection method. > > I am more interested in approaches which prevent intrusion, rather than > after the fact detection. But detection is certainly important, as there > are probabily more people than are aware that their system has either been > hacked, or is currently under surveilance. > > I'm looking forward to exhanging ideas with others with similar interests. > Michael, I'm sure that you'll run into folks on this list that also are sub'd to the firewalls@greatcircle.com. I have a tendency to agree with you; personally, I view prevention as the paramount issue. However, detection is also an issue which is many times taken fro granted and simply overlooked. Cheers, _______________________________________________________________________________ Paul Ferguson US Sprint Managed Network Engineering tel: 703.904.2437 Herndon, Virginia USA internet: paul@hawk.sprintmrn.com