Brian, On 1., the answer is no. I pick up a lot of extra security consulting because of Notes. A good policy and common sense protect it. But no, none that I know of. Typically on OS/2 Notes servers (mainly what I've seen) and the Windows station that administers the NLM version, well, once you're there you can bypass most security. On the NLM version if Netware itself isn't set up secure you can bypass a good chunk of security. On 2., there is not a lot. The KnowledgeBase database that customers replicate down from Lotus is a good source of techie info, but not a lot on security that isn't covered in the manual or in classes. The biggest one is when you cross certify with other companies, use a non-hierarchical certifier. Here's the problem - Vendor A cross certifies with Customer A and Customer B. Vendor A is providing pricing info and order tracking for both customers in replicating Notes databases. All cross certifications are done with hierarchical certifiers. Because of the way public keys are exchanged, Customer A has direct access to Customer B. Customer A can then set up a dummy server to "look" like Vendor A and call Customer B, replicating all pricing info and order tracking, because Customer A has Vendor A's public key that Customer B is looking for. I believe Lotus has corrected this in later versions of Notes, but there you have the worse bug I'm aware of. Mark Mark_W_Loveless@smtp.bnr.com ______________________________ Reply Separator _________________________________ Subject: Lotus notes ids? Author: ids@uow.edu.au at internet Date: 7/17/95 5:04 PM 1. Is there an intrusion detection system already developled for Lotus Notes? 2. Can anyone point me to a source or reference that describes the main areas of security concern in Lotus Notes and the patches or products that fix the areas of concern? Brian Smith, DOS Dummy