To start things off, here are a few introductions I received whilst the list was down.

-----------------------------------------------------------------------------
From: "Alexey Boldyrev" <overlord@lan.novsu.ac.ru>
Organization: Novgorod State University

Hello.

My name is Alexey Boldyrev, I'm a third-year student in the computer science department at Novgorod State University (Russia). I have read this list for a long time, and, perhaps, now I have a good question for you.

My area of interest is active intrusion detection systems. Traditional IDS, such as scanning logs, patching bugs, etc., are passive (an intrusion must have occurred or someone must find the bug). Active IDS, such as trapping backdoors, inserting false easy-to-hack accounts, etc., allow detecting an intrusion when it is in progress or only beginning. Perhaps 70% of hacking attempts may be eliminated by those methods.

Does anyone know where I could get more information about this topic? Are there now any real security systems or products in which this type of IDS is used?

Thanks for help!

-----------------------------------------------------------------------------
From: "Russ & Ronda Brown" <russbrow@aircadiz.net>

Hi, my name is Russ Brown. I have worked as a unix system administrator for the last two years and now have a new job as the network security and vulnerabilities technician. This job now expands into our Novell Netware lan and our Red Hat Linux lan for the internet. The internet is separate from the other two lans for security purposes. This requires me to stay abreast of the latest and greatest in security tools.

Thanks and if you need more info about myself let me know.

Russ

-----------------------------------------------------------------------------
From: Jim White <wd0e@amsat.org>

Greetings,

I have just joined the list. Since retiring from USWest as Director of Network Security last year I have started a consulting business in computer and radio communications security with emphasis on training.
I'm presently doing some law enforcement training in communications security. I also have a business in satellite systems with emphasis on the security of command and control links and data.

I look forward to more of the excellent information and references I have seen so far and will contribute when appropriate.

Jim White
Colorado Security/Satellite Systems
wd0e@amsat.org

-----------------------------------------------------------------------------
From: "Matthew Barbour" <cloudy@olywa.net>

Hello IDS listers --

I am new to the list and here is my brief introduction. My name is Matthew Barbour and I am a computer sci. student at Evergreen St. College in Olympia WA, USA. As a user of Linux and windowsNT systems, I am interested in Intruder detection as well as general security issues. I am currently involved in a college program doing Neural Net programming and would like to find out how it is related to IDS.

Sorry if I don't have that much to contribute to the discussion at first. Mainly I want to subscribe to learn about current issues in IDS.

Matthew
cloudy@olywa.net
Undergrad-The Evergreen State College.
Data Structures : Connectionist Theory

-----------------------------------------------------------------------------
From: Jack Anderson <JAnderson@hcfa.gov>

My name is Jack Anderson. I have been recently hired as a security analyst for a govt' contractor. My interest in intrusion detection is the basis of my position. We are in the process of including intrusion/anomaly detection into our daily routine. I am new to the field of security, so I won't comment on what I think an intrusion detection system is.

Thanks!
Jack

-----------------------------------------------------------------------------
From: Paul Pomes <ppomes@Qualcomm.com>
Organization: Qualcomm, Inc.

Greetings,

I am Paul Pomes, Staff Engineer with Qualcomm, Inc, located in San Diego, California.
Qualcomm is both an equity holder of and contractor to Globalstar Limited Partnership, a corporation split off from Loral Space Systems. Globalstar LP plans to launch beginning this October a series of 56 low earth orbiting satellites (750 miles) to form a global wireless telephone/data network designed to connect mobile users and remote stationary phones anywhere from 70N to 70S latitude. It is similar in purpose (but hopefully more successful) to Motorola's Iridium project. Qualcomm is providing its CDMA technology and contracting to build certain system elements.

My particular area is the Ground Operations Control Center which is charged with maintaining the ground elements of the Globalstar system (satellite to land line gateways and the data network connecting those gateways to the GOCC).

As the security lead I am developing and integrating in-house and Commercial Off The Shelf (COTS) products with the goal of a strongly authenticated, secure, single-signon system. Kerberos-equipped utilities (all encrypting) and SSH form the core transports. In-house applications such as the capacity planning tool and satellite resource allocation generator are being built with the GSS-API library. Cisco's network-level encryption runs between the primary and alternate sites and to the Gateways. An application firewall connects the Internet to the general purpose admin network and a packet-filtering router with a narrow idea of acceptable connects the operational networks with the admin network.

The design goal of an easy to use, yet secure system has been more or less realized. However any system needs a feedback mechanism to insure that it is doing the job. For that reason I am now evaluating commercial intrusion detection systems and logfile analysis tools. I am aware of RealSecure, Stalker, NetRanger, and Abirnet. I would be most interested in hearing about other people's experiences with these tools in small, highly compartmented networks.
/pbp

-----------------------------------------------------------------------------
From: amy kennedy <akennedy@REX.RE.uokhsc.edu>

Hello. My name is Dan and I am currently a student intending to specialize in the field of computer security. I hope to stay current on the methods of intrusion detection and system integrity. It's a little soon for me, but I hope also to help develop new security techniques as future needs arise.

-----------------------------------------------------------------------------
From: "David Aitel" <wabe@smart.net>

In the instructions it said to introduce myself - so: I am a computer scientist with a bachelors from RPI who wanted to hear some real world experiences with IDS. Nothing too deep, just curiosity. :>

-----------------------------------------------------------------------------
From: James Meyer <jjmeyer@ouray.cudenver.edu>

My interest in intrusion detection systems is for personal information goal at this time. I am currently an MS MIS/MBA student with a strong interest in security. I am coming into this looking for ideas as well as looking to contribute ideas.

-----------------------------------------------------------------------------
From: dbrooks@deloitte.ca

Just to let everyone know a little bit about myself. My name is Dominic Brooks, I'm a Network Consultant for Deloitte & Touche (if you couldn't figure that out from my return address). I specialize in Network and Internet security especially in the area of Electronic Commerce. I am a CNE (Certified Netware Engineer).

Cheers,
Dominic

-----------------------------------------------------------------------------
From: ben <bpgreer@pop.uky.edu>

Thank you for my subscription to ids. I am a computer technician and I work for the University of Kentucky. .au, is that in Australia? My interest in computer security is rather new and it all started when I began dealing with our virus problem.
I am responsible for about 50+ desktop and laptop computers and it seems before I came aboard there was not any attention being paid to the virus problem. So one thing led to another from virus detection to removal and how to secure our systems and what not. Thanks again and I look forward to reading your service.

ben

-----------------------------------------------------------------------------
From: gcrowder@sonic.net (Greg Crowder)

I have just joined this list and as per the greeting letter, am sending off a little bit of info about myself. I am a student at Sonoma State University in, oh so glorious, Santa Rosa, California, USA. I hope to have my Bachelors Degree in Computer Science within the next year and a half. I have had an interest in computer related security since I bought my first computer and got on the Net four years ago. My ultimate goal is to start my own Security Company. Unfortunately, I have very little practical knowledge and I hope this list will help to rectify that problem.

Whoa. I feel as though I am babbling. =) Anyway, I hope I can contribute to everyone else's knowledge as I myself learn over time. Thank you in advance.

-----------------------------------------------------------------------------
From: "Richard Brehove" <Richard_Brehove@qmail4.nba.TRW.COM>

Hello-

My name is Richard Brehove, Sr. Project Engineer at TRW, Redondo Beach, CA.

I am a System Integrator, responsible for LAN and WAN architecture for various projects and proposals that TRW bids and performs on. The whole field of network security is now the hot topic, and I find myself not only implementing it, but trying to educate my "customers" on what it is and is not.

I am interested in intrusion detection from the point of view of available vendors, products, methods, resources required, and limitations. I must admit I'll be a "taker" rather than a "giver", but hey, at least I'm dealing with real users, and perhaps I'll come up with some insight.

-----------------------------------------------------------------------------
--
+---------------------+--------------------------------------------------+
| ____ ___ |-= Justin Lister email: ruf@uow.edu.au =-|
| | \\ /\ __\ | Center for Computer Security Research (CCSR) |
| | |) / \_/ / |_ | Dept. Computer Science, University of Wollongong |
| | _ \\ /| _/ | ZenMsg: Computer Security a utopian dream.|
| |_/ \/ \_/ |_| (tm) |-= prefix: +61-42 =- Disclaimer: dream own risk.|
| |-= fax: 214329 mobile: 0412139269 voice: 835114 =-|
+---------------------+--------------------------------------------------+