IDS: Introduction

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Hagit: "IDS: Re: Real-time IDS for Windows NT?"
• Previous message: Nhan San: "Re: IDS: Real-time IDS for Windows NT?"
• Next in thread: Dark Knight: "Re: IDS: Introduction"

Hi, 

I thought I'd introduce myself since it seems to be the fashion...

My name is Chris and I work as a Windows NT development consultant for a
UK based Microsoft Backoffice / Windows NT consultancy company. I'm an
MCSD (Microsoft Certified Solution Developer) and MCSE (Microsoft
Certified Systems Engineer), which qualifies me to pass exams about MS
products involving multiple choice questions with four answers, three of
which are obviously wrong. Gee. Fear and tremble, mortal fool, for I'm a
darn good guesser.

Part of my role involves providing network security advice for clients
and our own consultants; I pass on information on current NT exploits
and how best to protect against them to the rest of the company, which
is an interesting task - there are many consultants in MS environments
who think that NT is secure off the shelf, which is obviously an
unsupportable notion (port 139 out of band bug, l0phtcrack and dozens of
really nasty IE bugs, etc...).

My interest in intrusion detection is in both understanding what is
available on the market (whatever the operating system) and in gathering
concepts and techniques for my own code. I have a particular interest in
pattern recognition - based systems of intrusion detection.

Anyone else out there willing to admit MS experience?

Chris.

• Next message: Hagit: "IDS: Re: Real-time IDS for Windows NT?"
• Previous message: Nhan San: "Re: IDS: Real-time IDS for Windows NT?"
• Next in thread: Dark Knight: "Re: IDS: Introduction"