Hi, I'm a computer scientist at the US Air Force Information Warfare Center. Specifically, I'm the Chief of Countermeasures Development. In that capacity, I direct vulnerability studies, security research & development efforts, software and hardware countermeasure developments, and provide deployable countermeasures engineering support to authorized DOD customers. My background is split between real-time systems work (operational flight programs) and computer security (my graduate thesis work dealt with computer viruses and my second thesis dealt with copy protection mechanisms). I've been working in the computer security field since about 1982 and I still have a lot to learn. One of the projects I manage is the Distributed Intrusion Detection System (DIDS) which is a hetergenous network monitoring suite that actively monitors network activity and acts as a knowledge assistant to the computer security officer in detecting, recording, catalogging, and (under certain conditions) preventing unauthorized a/o malicious activity. My team is also responsible for technical investigation of all sniffer attacks, etc on AF systems. We were the technical investigative team that setup the electronic fishbowl and monitored the 16-yr old hacker from Europe back several months ago. He was eventually arrested and may be prosecuted in the near future. I think this list is a great idea. I'm hoping that this list will achieve 3 primary goals. One, a forum for directly contacting significant players in the IDS environment so that we can effect direction and change in IDS capabilities. Second, I'm hoping that this forum facilitates a networked environment for security consults during major security problems. Finally, I'm hoping to have a forum to implement an electronic "design review" of new countermeasures so we all, as a community, can pool our thoughts and protect systems better and cheaper than we do now. Thanks. Kevin Ziese, Capt, USAF (ziese@chaos.csap.af.mil) Chief, Countermeasures Development AF Information Warfare Center 1-210-377-0477 (Voice) 1-210-377-1326 (Fax) 1-800-217-0570 (Pager)