Firewall Wizards mailing list archives
FBI's internal IT security
From: Rama Kant <kant () adeptech com>
Date: Sat, 24 Feb 2001 12:26:58 -0500
I think the recent FBI's mole case has lessons for us as well. We have been preaching log, log, log..., but auditing of logged information is still rare. Had FBI been auditing its logs, IMHO, they could have caught HANSSEN back in 1997/1998 when he began searching the Automated Case Support System for keywords related to his activities (Page 87 of FBI's Affidavit).
HANSSEN a "Computer Wiz Kid"? Obviously, not a very effective one. Hacking 101 - disable logging and cover your tracks. From a covert perspective he should have disabled logging of his usage of the ACSS. I guess he knew that logs are not audited at the FBI.
Rama Kant _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://www.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- Napster.. Darren Reed (Feb 20)
- RE: Napster.. Steven Osman (Feb 20)
- Re: Napster.. Tib (Feb 20)
- Re: Napster.. Darren Reed (Feb 20)
- Re: Napster.. Wouter Slegers (Feb 21)
- RE: Napster.. Ai Luong (Feb 21)
- RE: Napster.. Chris Beckwith (Feb 21)
- FBI's internal IT security Rama Kant (Feb 25)
- Re: Napster.. Darren Reed (Feb 20)
- Re: Napster.. Ben Eisenbraun (Feb 21)
- Re: Napster.. daN. (Feb 25)
- <Possible follow-ups>
- Re: Napster.. Steven M. Bellovin (Feb 20)
- RE: Napster.. Keith.Morgan (Feb 21)
- Re: Napster.. John Ladwig (Feb 21)
- RE: Napster.. Vargas Miguel (Feb 21)
- Re: Napster.. Arthur Clune (Feb 25)