Re: Security, Prevention & Detection
jtruitt@dw3f.ess.harris.com
Fri, 05 Aug 94 14:36:30 -0400
"Security through obscurity" is risky. I agree you must address
prevention, but you don't need to worry about the ones you keep out.
You need to be concerned about those that manage to get in (or the ones
that were already in to begin with).
"sniffing" and "spoofing" seem to have caught everyone's
attention, and rightfully so.
Jim T
==============================================================================
Michael S. Hines <mshines@ia.purdue.edu> writes -
>
> I also montior the firewalls list (@greatcircle.com) and view that as a
> "prevention" method rather than as a detection method.
>
> I am more interested in approaches which prevent intrusion, rather than
> after the fact detection. But detection is certainly important, as there
> are probabily more people than are aware that their system has either been
> hacked, or is currently under surveilance.
>
> I'm looking forward to exhanging ideas with others with similar interests.
>
Michael, I'm sure that you'll run into folks on this list that also
are sub'd to the firewalls@greatcircle.com.
I have a tendency to agree with you; personally, I view prevention as
the paramount issue. However, detection is also an issue which is many
times taken fro granted and simply overlooked.
Cheers,
_______________________________________________________________________________
Paul Ferguson
US Sprint
Managed Network Engineering tel: 703.904.2437
Herndon, Virginia USA internet: paul@hawk.sprintmrn.com