----------------------------------------------------------------------------- Message-Id: <199611200903.2820@ecr.mu.oz.au> From: "Ilya Joel-Pitcher." <ijoelp@ecr.mu.oz.au> g'day I'm an Australian computing student. I have also just recently got a job for a computing comapany and are responsible for Network maintainence. Most of it is on NT 4.0 but particular concerns are the Internet aspects of our site (web server, ftp server and so on) Ilya Joel-Pitcher ----------------------------------------------------------------------------- Message-Id: <32932A83@mnbp.network.com> From: "Russell J. Dwire" <dwirerj@vavi.network.com> Folks, My name is Russell Dwire. I'm a System Security Engineer working Network Systems Corp. (www.network.com) There is a paradigm shift occurring within the Information Security arena. The shift is called Intrusion Detection and Response . It is occurring because the Information Security Industry has come to the realization that the present security devices are not able to react dynamically to the ever changing system and network security vulnerabilities which are exploited by unauthorized individuals or organizations attempting to compromise the existing networks. The vast majority of the current security devices attempt to prevent unauthorized users from infiltrating the networks or systems. Additionally, they usually passively audit traffic flowing through their systems. Finally, this information gleaned from the security devices must be reviewed and analyzed by human intervention to ensure no anomalies are present. There isn't anything a Information Security member can accomplish after an event has occurred, except damage assessment and then try to recover from it as much as possible. I continually communicate with peers who are within the Information Security industry, and they have said they are also searching for ways to provide the real time intrusion detection and response. If an individual or agency desires to compromise a network. There isn't a way to prevent that from becoming a reality. Current devices are capable of slowing an individual down, but if they are determined, they will be successful. This is one justification for the need to provide real time detection and response. My company Network Systems Corporation (www.network.com) and Wheelgroup are presently leveraging the NetRanger product by filling the current void in the Information Security arena. NetRanger is able to audit and respond to unauthorized communications at Real-time. Enough of my propaganda! Seriously, I believe we are coming upon a new era within Network Security and intrusion detection is the key. Russell Dwire russell.dwire@network.com ----------------------------------------------------------------------------- Message-Id: <Chameleon.961120133729.gary@crumrig.fadpc.im,us-state.gov> From: crumrig@us-state.gov Sorry that I did not give you much of a description in my first message. For all of you out there, My name is Gary Crumrine, I work at the US State Department managing their internet firewalls. My experience comes from 20 years of computer programming in the military (Yes I know what a punch card is)and then growing to networking/ administration/design etc... After retiring from the Military, I have sold my soul to the highest bidder and now work in Washington, DC. as a beltway bandit as we like to be known as. Great market! As long as you don't have to live there. I am always on the look for information on how to catch the bad guys. Looking forward to listening in on the list. I promise not to flame or spam the unclean. ----------------------------------------------------------------------------- Message-Id: <1.5.4.32.19961120220643.002d5ae8@mail.metro.net> From: "Patricka@immecor.com" <patricka@immecor.com> Hello, I'm Patrick Allen, a computer technician from California. I'm interested in information about making the web site for the company I work for secure and hack-proof. Patrick ----------------------------------------------------------------------------- Message-ID: <3293E727.47F5@pc.jaring.my> From: David Leong <davl@pc.jaring.my> Hello, my name is David from Taylor's College in Malaysia currently studying for my A-Levels there. I am interested to know more about computer security as I hope that whatever I can learn from here will be useful when I further my studies in computers. David. ----------------------------------------------------------------------------- Message-ID: <Pine.LNX.3.94.961121103537.6422A-100000@arlecchino.comedia.it> From: Andrea Rizzi <memory@comedia.it> ok you want know what i think and what i do and so ... 1) i like learn something about intrusion detection system,because i'm new in this scene. 2) i like understand something about the net and in particular about backdoor. 3) i'm student and i'm developing software in Java(since 8 weeks ago),before this work , i wrote some intros e demos in asm x86 language i make some interesting thing with ASM :-). 4) that's all, now am i in? byez ----------------------------------------------------------------------------- Message-Id: <9611211244.AA04393@donald.univ-poitiers.fr> From: Jean Michel Doublet <doublet@donald.univ-poitiers.fr> Hello, My name is Jean-Michel, and i'm a french student. I'm very interest by security information because i want to be system administrator. Too much system administrator thinks that their site don't need to be protect seriously. But when a hacker comes in their system is a big surprise. Me, i don't want to be surprised so i subscribe to mailing list to learn more and more. Sorry, for my horrible english :-) Bye ----------------------------------------------------------------------------- Message-Id: <0033000001910855000002*@MHS> From: WWEBB1@email.usps.gov I'm a Special Projects Team Leader with the Field Service Computing Center, DEC Systems Support, United States Postal Service. While system security is not a primary aspect of my job, I have been a system manager in former positions, and I do work closely with our data security types. I believe that it's important to know what the "bad guys" are up to, even if one's own system or OS isn't directly affected. ---------------------------------------------------------------------- William W. Webb <wwebb1@email.usps.gov> Field Computing Service Center - DEC Systems Support National Information Systems Support Center, USPS ----------------------------------------------------------------------------- Message-id: <01IC3P9EEBAA9BVGV6@admin.usask.ca> From: "TERRY (TR) ROEBUCK; 966-4841" <Terry.Roebuck@usask.ca> In keeping with the "open" spirit of this list, my introduction/short resume follows. I am a grad of the U. of Sask. and have been working here ever since in a variety of jobs all within the data processing area (I started in 1969 and have never got out -- I think if I would have shot some one I would have been out of jail by now :-). I have a various times been a programmer, a programmer analyst, a systems analyst, a manager, and now "I is a consultant". Since 1984 I have been also teaching Business Systems Analysis (yes, still here at the University). My current areas of expertise include telephone and IVR systems, business systems analysis and crime analysis. For the past 3 years I have been involved in electronic investigations (computer fraud, e-mail based harrasement, telephone frauds, risk analysis, copyright violation and investigations of computer breaches). My interest in this list is probably obvious. I do not wish to stiffle the free flow of ideas on this list, and certainly am not "policing" list users; I do however, have strong views about computer systems security (and the lack thereof). I know that there is a strong temptation for people to "push the envelope" in all fields of human endeavor -- that, in fact, is probably one of the few things that might save our race -- and computers and security is no exception (in both offering a strong temptation for exploration and possibly saving the race -- deep thought?). So call me a learner; I know that the area of computer security is already too broad to be encompassed by any individual and so I choose to seek understanding in the skills of investigation of incident; as the deputy chief here said "you gotta take a cop and teach'em computing or you take a geek an teach'em to be a cop" (this quote will probaly get me into trouble and does not do justice to the originator ;-) My long form signature follows: Terrance (Terry) Roebuck "A man with too many hats, including..." Systems Analyst; Consulting and Development Services Dept. of Computing Services Lecturer (Business Systems) Dept. of Computational Science Consultant/Crime Analyst Dept. of Security Services -- University of Saskatchewan -- Room E 181 -- Administration Building Saskatoon, Saskatchewan, CANADA S7N 1L9 (306) 966 4841 FAX: (306) 966 4938 terry.roebuck@usask.ca [By the time you have read this, your PC has gone out of date] ----------------------------------------------------------------------------- Message-ID: <vines.Wg06+km8ZmA@smtpho.tnc.org> From: bcheng@tnc.org Hi, I'm just a Technical Webmaster/network manager of Internet services at my organization. My main interest on this list is to further expand my knowledge on the tools and techniques of intruder detection (and possibly some hacks that I don't know). In addition to the various security precautions on my Internet servers, I write simple scripts to analyze my log files and receive daily reports via email so I don't have to parse through them everyday. Thanks, Bruce Bruce Cheng, Inter-networking Specialist The Nature Conservancy, Conservation Science Division e-mail: bcheng@tnc.org, voice: (703) 841-2726, fax: (703) 525-8024 *****> The views expressed are strictly those of the author <***** ----------------------------------------------------------------------------- Message-Id: <2.2.32.19961122183112.0101a2dc@kc.grapevine.com> From: Doug Orndorff <doug_o@kc.grapevine.com> My name is Doug Orndorff, I am a 3rd yr. computer science student with a strong interest in system administration and computer security. I am hoping to convert the degree and interest into a real job. Thank You Doug Orndorff ----------------------------------------------------------------------------- Message-Id: <3296F330.57BF@mbox.vol.it> From: Nibble <Nibble@mbox.vol.it> Hi there !!! My id is Nibble... I'm really interested in detecting intruders and undertsanding how they work. I am a graphic label engineer, but my interests are lots and various... This is one of them... I thank you all for this kind of service. Mailing lists are really useful. ...obviously...I live in ITALY... El Nibble che te rosega anca e sate dee careghe... @@@ @@@ @@@ @@@@@@@ @@@@@@@ @@@ @@@@@@@@ @@!@!@@@ @@! @@! @@@ @@! @@@ @@! @@! @!@@!!@! !!@ @!@!@!@ @!@!@!@ @!! @!!!:! !!: !!! !!: !!: !!! !!: !!! !!: !!: :: : : :: : :: :: : :: : ::.: : : :: ::: Chi de gaina nasse... sgrafa par tera... ----------------------------------------------------------------------------- -- +---------------------+--------------------------------------------------+ | ____ ___ |-= Justin Lister email: ruf@uow.edu.au =-| | | \\ /\ __\ | Center for Computer Security Research (CCSR) | | | |) / \_/ / |_ | Dept. Computer Science, University of Wollongong | | | _ \\ /| _/ | ZenMsg: Computer Security a utopian dream.| | |_/ \/ \_/ |_| (tm) |-= prefix: +61-42 =- Disclaimer: dream own risk.| | |-= fax: 214329 mobile: 0412139269 voice: 835114 =-| +---------------------+--------------------------------------------------+