Tracking

TheMSsForum.com: The Microsoft Software Forum

Hi,

I was at the Infotech security show in London today, where I saw a HUGE
variety of anti-hacker, anti-virus, anti-phishing etc etc ad infinitum,
programs. These program vendors told how these products could detect
intrusion and stop it. Detect patterns of use and stop advers patterns. Stop
viruses and trojans and spyware etc etc.

But imagine that you are a corporate who relies on trade worldwide in a
sector where all information regarding deals and clients needs to be kept
absolutely secret from competitors.

Now imagine that you have some-how been hacked and such information has been
breached.
Also imagine, that you have a pretty good idea that you know that a
competitor is behind it.

I did not see one piece of software(maybe my eyes are not that good), that
offered a means to track, trace and provide evidence with relation to a
breach.
Many showed how, if breached the system could be quickly secured, but
hey.... isn't that rather beside the point?? Haven't you already lost your
livelihood??

Is there any product out there that can detect, secure and then trace a hack
etc so that at least you can take some kind of legal action against these
people??

Surely, if a system is hacked with the purpose of obtaining information then
that information has to go back to the hacker, otherwise, what use is it??
(or to be published thus rendering the info useless).
If this is the case then surely there is a way of detecting where and
who.....

Or am I over simplifying things here..??

Corporate hacks in todays competitive corporate environment are only going
to get worse and more prevalent, ....

Is there anything out there.................

Terry
Top

Re: Tracking by Phillip

Phillip
Wed Apr 27 16:32:01 CDT 2005

"Terry" <terry@rit.co.uk> wrote in message
news:ObNSDy2SFHA.2872@TK2MSFTNGP14.phx.gbl...
> I did not see one piece of software(maybe my eyes are not that good), that
> offered a means to track, trace and provide evidence with relation to a
> breach.
> Many showed how, if breached the system could be quickly secured, but
> hey.... isn't that rather beside the point?? Haven't you already lost your
> livelihood??

It all depends on *how* they got the information.

For example, if it came from a webserver then it would be in the webservers
logs.

There are some ways which cannot be tracked,...if they impersonated another
user then it will look like it came from that user and you couldn't do much
about that other than maybe prove that user wasn't at work on that day or
something.

The people selling those products intensionally make it look as "mysterious"
as they possibly can to get you to buy it. Most of them would have a tough
time selling me anything because I think many of those sales pitches are
over-hyped and I don't believe those products are as helpful as they say
they are. I also do not believe that data is stolen as "easily" as they
make it sound.

I also dont believe the Internet is the #1 threat. It is much easier for
data loss to occur via your own employees,...either unintensionally via
"social engineering", or intensionally via a corrupt employees. The
Internet is probably the least likely path for data loss, it is too
difficult to do, requies too much experteis, and there are too many other
easier ways.

If I wanted to steal the plans for the new Airbus 380, my first thought
certainly would not be the Internet,...it would be,..."Who do I know that
works for Airbus?"

--

Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com


Top