From: | Mike Elkins <MikeE@*********.COM> |
---|---|
Subject: | Re: Weird Campaigns -Reply |
Date: | Thu, 21 May 1998 15:12:30 -0500 |
>In no way does my screwup with my password affect my neighbor's
>ability or rights to login.
What if your computer's security included pattern recognition software
that noticed what might be someone using a password cracker: it would
issue an alert, wouldn't it? What if it detected system logs getting
messed with to remove traces of a user's actions? These are things
that are represented by a security tally. Nowadays, these get logged,
and on a big computer there is the equivalent of an alert, but we don't
have ICE in 1998, so there isn't much point in most of this stuff--yet. If
we had expert systems that we pretty good at distinguishing valid from
invalid patterns of use (Probe ICE) a lot of sysadmins would write
scripts that started them running if a lot of bad login attempts occured in
a short period of time, or if a user started playing with file permisions on
files he shouldn't care about.
Double-Domed Mike
--I'm out of ideas for sigs...