Re: Intrusion Detection

From: Paul D. Robertson (probertsat_private)
Date: Tue Apr 14 1998 - 11:06:43 PDT

Next message: Aleph One: "Re: Intrusion Detection"

Previous message: Marcus J. Ranum: "Re: Intrusion Detection"
Maybe in reply to: shantanu bhattacharya: "Intrusion Detection"
Next in thread: Aleph One: "Re: Intrusion Detection"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 14 Apr 1998, Marcus J. Ranum wrote:

> 	There are really only 2 good reasons I can think of for ID systems:
> 1) To develop a threat level model as to how often you are attacked
> 2) To detect clueless people inside your organization who are attacking
> 	outside sites

3) To detect clueless people inside your organization, or with access to 
   your facilities who are attacking your own systmems.

4) To trend traffic to detect possible tunnels through allowed protocols 
   like HTTP or SSL.

Paul
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
probertsat_private      which may have no basis whatsoever in fact."
                                                                     PSB#9280

Next message: Aleph One: "Re: Intrusion Detection"
Previous message: Marcus J. Ranum: "Re: Intrusion Detection"
Maybe in reply to: shantanu bhattacharya: "Intrusion Detection"
Next in thread: Aleph One: "Re: Intrusion Detection"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:54:22 PDT