From cklaus@iss.net Sat Sep 14 11:09:53 1996 Received: from bitcom.ch ([193.192.228.9]) by suburbia.net (8.7.4/Proff-950810) with SMTP id LAA20400 for ; Sat, 14 Sep 1996 11:09:13 +1000 Date: Sat, 14 Sep 1996 11:09:13 +1000 From: cklaus@iss.net Message-Id: <199609140109.LAA20400@suburbia.net> Received: from [193.192.228.39] by bitcom.ch (SMTPD32-3.00) id A5F326902A6; Sat Sep 14 03:10:11 1996 Received: by scout.net (Amiga SMTPpost 1.04 December 9, 1994) id AA01; Sat, 14 Sep 96 03:10:16 CET ct: ISS has been developing the technology for real-time attack recognition and response (RealSecure) for over twelve months. In collabaration with our customers, universities, and our partners, ISS has undertaken a significant investment in time and resources to deliver a comprehensive tool to detect numerous kinds of attacks, only one of which is the SYN flood. To denegrate this product as only a SYN flood detector is erroneous and unfair. RealSecure recognizes and responds to hundreds of attacks. ion then chances are very high that you are vulnerable. Samba makes a network probe of this type very simple. Since people assume there windows network to be a LAN thing, imagine this type of situation: Windows\Start Menu\Programs\StartUp" directory, then the next time someone logged into the machine it would start up. Even better you could run a batch file that then removed it from the startup group. And add a line to the autoexec to add it back in on bootup. The user (most any execpt someone looking for it) would never notice anything at im- >portant data like grades or similar. > >Does anybody have experience with problems, attacks or defences for this >kind of setup ? > >We're trying to consider this problem in detail soon, but first we have >to arrange a meeting with the PC guys and the (heavily UNIX-inclined) >security guys :-) > >-- >> Bernd Lehle - Stuttgart University Computer Center * A supercomputer < >> Visualization / Security / Astrophysics * is a machine < >> lehle@rus.uni-stuttgart.de Tel:+49-711-685-5531 * that runs an < >> http://www.tat.physik.uni-tuebingen.de/~lehle * endless loop < >> pgp? -> finger bernd@visbl.rus.uni-stuttgart.de * in 2 seconds < > > >