HB1197 Status

[Ben Scott]

On 2/16/06, Seth Cohn <sethcohn at gnuhampshire.org> wrote:
> (Cain and Abel is a sniffer program, plain and simple... it took _six_ months for
> them to look for weird traffic???)

  Well, the article doesn't give enough detail to really know what
happened, how, or anything.  A simple passive sniffer won't generate
any traffic.

On 2/16/06, Ed Lawson <elawson at laconialaw.com> wrote:
> In the MSFT world are there not simple daemons which monitor the
> status of important system files like the registry and report
> changes?

  Such things certainly exist.  As with most things in the payware
world, they cost money.    Most "corporate" AV software will at least
detect and alert about potential cracking tools.

  I would suggest people curb their rampant hatred of all things
Microsoft when making the case for FOSS.  For one, people like that
just sound like zealots.  For another, a lot of the claims that get
tossed out by *some* FOSS advocates are at least subjective, if not
outright false, when it comes to why FOSS is better then Microsoft.

  Case in point: Is everyone here running a network IDS, separate from
their main servers?  Host IDS on their servers?  How often do you
check for rootkits?  Do you boot from trusted read-only media when you
run those checks?  If not, and you get cracked, does that mean
Microsoft is the right answer instead?

  These best practices apply to nix as well as doze, and I find all
the things that could happen generally don't.  (I'm as guilty as the
next guy, there.)  It's usually a question of knowledge first, time
second, budget third.  FOSS might help with the last, but not the
rest.

  Focus on the strengths of FOSS, not the "my disk is bigger then your
disk" stuff.  One thing Microsoft cannot and will never do is offer
freedom.  *Nobody owns Linux.*  "Live free or die" and all that.  I'd
rather be in charge of my own information destiny, thank you very
much.

  Anyone contact Red Hat/Novell/etc for marketing materials and such?

-- Ben