Re: [AFWD] Re: Question. (Was re:hacker's intro)

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: serw30@gibson.cioe.com: "Re: I'm with Gene"
• Previous message: Michel Lavondes: "Re: New Subject (please)"

>>>For instance, let's get back to the fact that more than 75% of system
>>>abuses in typical commcercial environments comes from insiders.  Is
>>>anyone looking at what is different about these insiders that can be
>>>detected or monitored?
>>>
>>>--spaf
>>>
>>
>>I agree that the noise level is a little high. I joined the list to learn
>>more about IDS and security (I have installed crack and COPS but don't
>>consider myself a security expert yet).  What about sniffing inside a
>>firewall.  Is there any way yet of possibly detecting a sniffer?
>>
>>-Chris
>
>
>Chris,
>When you begin installing sniffers within your organizations, you need to
>look at the issue of violation of an individuals privacy.  ***Now before you
>go ranting*****, allow me to explain...
>Justification is the only weapon you will have when you approach your
>"boss", at whatever level that might be in gaining aproval for such a tool
>to be used.  If prior approval is not obtained and one of the "users" finds
>out...there will be hell to pay in explaining why you were not just
>targeting one workstation...or any number of other questions which are bound
>to pop up.
>
>My basis for my statement is based on the fact that I work for the DoD and
>this is a CRITICAL element when we are looking at a system/site.
>
>Tony

Tony,
        Are there any laws (federal or state) or cases you know of that cover
this issue of monitoring users with or wihtout their permission??

-robert

• Next message: serw30@gibson.cioe.com: "Re: I'm with Gene"
• Previous message: Michel Lavondes: "Re: New Subject (please)"