Re: [fw-wiz] finding security threats

From: Marcus J. Ranum (
Date: 12/30/02

To: Kilaru Sambaiah <>,
From: "Marcus J. Ranum" <>
Date: Mon Dec 30 08:09:04 2002

Kilaru Sambaiah wrote:
> All the firewalls and other tools are designed for securing
> systems from any threat. Is there any way to find that my local
> systems are breaking systems some where.

Most Intrusion Detection Systems that work on network traffic
don't make a distinction between "inside" and "outside" - they
look for attacks and intrusions going in any direction. Back in
the early days of the IDS business, we found a lot of our customers
were really surprised when the IDS we installed detected their
employees hacking other sites. I think employees are a tiny bit
more savvy about that, now...


Marcus J. Ranum
Computer and Communications Security