Re: Question. (Was re:hacker's intro)

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: giorgos adamopoulos: "Re: Question. (Was re:hacker's intro)"
• Previous message: owner-ids@uow.edu.au: "I'm with Gene"
• Maybe in reply to: G.h.van den Berg: "Question. (Was re:hacker's intro)"
• Next in thread: Security Administrator: "Re: Question. (Was re:hacker's intro)"

>4) This whole thread is getting far afield of IDs.  I already dropped
>my subscriptions to several other security mailing lists because they
>had a high noise level from people who had installed "crack" and
>"COPS" and thus decided they were security experts. Please let's not
>let that happen to this list too?  Can we please go back to intrusion
>detection as a topic?
>
>For instance, let's get back to the fact that more than 75% of system
>abuses in typical commcercial environments comes from insiders.  Is
>anyone looking at what is different about these insiders that can be
>detected or monitored?
>
>--spaf
>

I agree that the noise level is a little high. I joined the list to learn
more about IDS and security (I have installed crack and COPS but don't
consider myself a security expert yet).  What about sniffing inside a
firewall.  Is there any way yet of possibly detecting a sniffer?

-Chris
-------------------------------------------------------------
          Thomson Electronic Information Resources
                      205 VanBuren Street
                          3rd Floor
                      Herndon, VA 22070
                        (703) 736-1784
                      csteel@teir.com
               http://amra.labs.thomtech.com
-------------------------------------------------------------

• Next message: giorgos adamopoulos: "Re: Question. (Was re:hacker's intro)"
• Previous message: owner-ids@uow.edu.au: "I'm with Gene"
• Maybe in reply to: G.h.van den Berg: "Question. (Was re:hacker's intro)"
• Next in thread: Security Administrator: "Re: Question. (Was re:hacker's intro)"