Hi, I thought I'd introduce myself since it seems to be the fashion... My name is Chris and I work as a Windows NT development consultant for a UK based Microsoft Backoffice / Windows NT consultancy company. I'm an MCSD (Microsoft Certified Solution Developer) and MCSE (Microsoft Certified Systems Engineer), which qualifies me to pass exams about MS products involving multiple choice questions with four answers, three of which are obviously wrong. Gee. Fear and tremble, mortal fool, for I'm a darn good guesser. Part of my role involves providing network security advice for clients and our own consultants; I pass on information on current NT exploits and how best to protect against them to the rest of the company, which is an interesting task - there are many consultants in MS environments who think that NT is secure off the shelf, which is obviously an unsupportable notion (port 139 out of band bug, l0phtcrack and dozens of really nasty IE bugs, etc...). My interest in intrusion detection is in both understanding what is available on the market (whatever the operating system) and in gathering concepts and techniques for my own code. I have a particular interest in pattern recognition - based systems of intrusion detection. Anyone else out there willing to admit MS experience? Chris.