IDS: Introductions

Justin J. Lister (ruf@uow.edu.au)
Sun, 14 Sep 1997 13:49:17 +1000 (EST)

To start things off, here are a few introductions I received whilst the
list was down.

-----------------------------------------------------------------------------
From: "Alexey Boldyrev" <overlord@lan.novsu.ac.ru>
Organization: Novgorod State University


        Hello.

   My name is Alexey Boldyrev. I'm a third-year student in the computer science
department at Novgorod State University (Russia). I have read this list for
a long time, and, perhaps, now I have a good question for you.
   My area of interest is active intrusion detection systems. Traditional
IDS, such as scanning logs, patching bugs, etc., are passive (an intrusion must
have occurred or someone must find the bug). Active IDS, such as trapping
backdoors, inserting false easy-to-hack accounts, etc., allow an intrusion to be
detected while it is in progress or only beginning. Perhaps 70% of hacking
attempts may be eliminated by those methods. Does anyone know where I could get
more information about this topic? Are there now any real security systems or
products in which this type of IDS is used?

   Thanks for help!

-----------------------------------------------------------------------------
From: "Russ & Ronda Brown" <russbrow@aircadiz.net>

Hi, my name is Russ Brown.  I have worked as a Unix system administrator for
the last two years and now have a new job as the network security and
vulnerabilities technician.  This job now expands into our Novell Netware
LAN and our Red Hat Linux LAN for the internet.  The internet is separate
from the other two LANs for security purposes.  This requires me to stay
abreast of the latest and greatest in security tools.  Thanks, and if you
need more info about myself, let me know.

Russ

-----------------------------------------------------------------------------
From: Jim White <wd0e@amsat.org>

Greetings,
I have just joined the list.
Since retiring from USWest as Director of Network Security last year I have
started a consulting business in computer and radio communications security
with emphasis on training. I'm presently doing some law enforcement
training in communications security.  I also have a business in satellite
systems with emphasis on the security of command and control links and
data.  I look forward to more of the excellent information and references I
have seen so far and will contribute when appropriate.

Jim White
Colorado Security/Satellite Systems
wd0e@amsat.org
-----------------------------------------------------------------------------
From: "Matthew Barbour" <cloudy@olywa.net>

Hello IDS listers -- I am new to the list and here is my brief
introduction. My name is Matthew Barbour and I am a computer sci. student
at Evergreen St. College in Olympia WA, USA.  As a user of Linux and
Windows NT systems, I am interested in intruder detection as well as general
security issues. I am currently involved in a college program doing Neural
Net programming and would like to find out how it is related to IDS. Sorry
if I don't have that much to contribute to the discussion at first. Mainly
I want to subscribe to learn about current issues in IDS.

Matthew
cloudy@olywa.net
Undergrad-The Evergreen State College. 
Data Structures : Connectionist Theory 
-----------------------------------------------------------------------------
From: Jack Anderson <JAnderson@hcfa.gov>

My name is Jack Anderson.  I have been recently hired as a security analyst for
a gov't contractor.  My interest in intrusion detection is the basis of my
position.  We are in the process of including intrusion/anomaly detection into
our daily routine.  I am new to the field of security, so I won't comment on
what I think an intrusion detection system is.  Thanks!

Jack
-----------------------------------------------------------------------------
From: Paul Pomes <ppomes@Qualcomm.com>
Organization: Qualcomm, Inc.

Greetings,

I am Paul Pomes, Staff Engineer with Qualcomm, Inc, located in San Diego,
California.  Qualcomm is both an equity holder of and contractor to
Globalstar Limited Partnership, a corporation split off from Loral Space
Systems.  Globalstar LP plans to launch beginning this October a series
of 56 low earth orbiting satellites (750 miles) to form a global wireless
telephone/data network designed to connect mobile users and remote stationary
phones anywhere from 70N to 70S latitude.  It is similar in purpose (but
hopefully more successful) to Motorola's Iridium project.

Qualcomm is providing its CDMA technology and contracting to build certain
system elements.  My particular area is the Ground Operations Control Center
which is charged with maintaining the ground elements of the Globalstar
system (satellite to land line gateways and the data network connecting
those gateways to the GOCC).  As the security lead I am developing and
integrating in-house and Commercial Off The Shelf (COTS) products with the
goal of a strongly authenticated, secure, single-signon system.  Kerberos-
equipped utilities (all encrypting) and SSH form the core transports.
In-house applications such as the capacity planning tool and satellite
resource allocation generator are being built with the GSS-API library.
Cisco's network-level encryption runs between the primary and alternate
sites and to the Gateways.  An application firewall connects the Internet
to the general purpose admin network and a packet-filtering router with a
narrow idea of acceptable connects the operational networks with the admin
network.

The design goal of an easy to use, yet secure system has been more or less
realized.  However, any system needs a feedback mechanism to ensure that it
is doing the job.  For that reason I am now evaluating commercial intrusion
detection systems and logfile analysis tools.  I am aware of RealSecure,
Stalker, NetRanger, and Abirnet.  I would be most interested in hearing
about other people's experiences with these tools in small, highly
compartmented networks.

/pbp
-----------------------------------------------------------------------------
From: amy kennedy <akennedy@REX.RE.uokhsc.edu>

        Hello. My name is Dan and I am currently a student intending to
specialize in the field of computer security. I hope to stay current on the
methods of intrusion detection and system integrity. It's a little soon for
me, but I hope also to help develop new security techniques as future
needs arise.
-----------------------------------------------------------------------------
From: "David Aitel" <wabe@smart.net>

In the instructions it said to introduce myself - so:

I am a computer scientist with a bachelor's from
RPI who wanted to hear some real world
experiences with IDS.  Nothing too deep,
just curiosity. :>

-----------------------------------------------------------------------------
From: James Meyer <jjmeyer@ouray.cudenver.edu>

My interest in intrusion detection systems is for personal information
goal at this time.  I am currently an MS MIS/MBA student with a strong
interest in security.  I am coming into this looking for ideas as well as
looking to contribute ideas.  
-----------------------------------------------------------------------------
From: dbrooks@deloitte.ca

     Just to let everyone know a little bit about myself.  My name is 
     Dominic Brooks, I'm a Network Consultant for Deloitte & Touche (if you 
     couldn't figure that out from my return address).  I specialize in 
     Network and Internet security especially in the area of Electronic 
     Commerce.  I am a CNE (Certified Netware Engineer).

     Cheers,

     Dominic
-----------------------------------------------------------------------------
From: ben <bpgreer@pop.uky.edu>

Thank you for my subscription to ids. I am a computer technician and I work
for the University of Kentucky.    .au, is that in Australia?
 My interest in computer security is rather new and it all started when I
began dealing with our virus problem. I am responsible for about 50+
desktop and laptop computers and it seems before I came aboard there was
not any attention being paid to the virus problem.
So one thing led to another, from virus detection to removal and how to
secure our systems and what not.
Thanks again and I look forward to reading your service.
                                ben
-----------------------------------------------------------------------------
From: gcrowder@sonic.net (Greg Crowder)

I have just joined this list and as per the greeting letter, am sending
off a little bit of info about myself.  
I am a student at Sonoma State University in, oh so glorious, Santa
Rosa, California, USA.  
I hope to have my Bachelors Degree in Computer Science within the next
year and a half.
I have had an interest in computer-related security since I bought my first
computer and got on the Net four years ago.  
My ultimate goal is to start my own Security Company.  Unfortunately, I have
very little practical knowledge and I hope this list will help to rectify that
problem.
Whoa.  I feel as though I am babbling. =)
Anyway,  I hope I can contribute to everyone else's knowledge as I myself learn
over time.  Thank you in advance.

-----------------------------------------------------------------------------
From: "Richard Brehove" <Richard_Brehove@qmail4.nba.TRW.COM>

Hello-
My name is Richard Brehove, Sr. Project Engineer at TRW, Redondo Beach, CA

I am a System Integrator, responsible for LAN and WAN architecture for 
various projects and proposals that TRW bids and performs on.  The whole 
field of network security is now the hot topic, and I find myself not only
implementing it, but trying to educate my "customers" on what it is and is
not.  I am interested in intrusion detection from the point of view of 
available vendors, products, methods, resources required, and limitations.
I must admit I'll be a "taker" rather than a "giver", but hey, at least I'm
dealing with real users, and perhaps I'll come up with some insight.

-----------------------------------------------------------------------------

-- 
+---------------------+--------------------------------------------------+
|  ____       ___     |-= Justin Lister          email: ruf@uow.edu.au =-|
| |    \\   /\ __\    |   Center for Computer Security Research (CCSR)   |
| | |) / \_/ / |_     | Dept. Computer Science, University of Wollongong |
| |  _ \\   /| _/     | ZenMsg:        Computer Security a utopian dream.|
| |_/ \/ \_/ |_| (tm) |-= prefix: +61-42 =-   Disclaimer: dream own risk.|
|                     |-= fax: 214329 mobile: 0412139269 voice: 835114 =-|
+---------------------+--------------------------------------------------+