bit.listserv.bosnet
Fred...@bit.listserv.bosnet
following statistic, it was the only non-Salomon source code.
We went from zero monitoring of Internet email traffic to...
> On 3/21/96 we had our first security incident report.
>
> By 3/26/96 we had an astonishing 38,000 lines of proprietary source code
> outbound.
>
> We were mentally unprepared. Figuratively we were pulling our hair out
> wondering when the madness would stop.
>
> It never did.
As I said, the results of keyword monitoring were stunning.
If you look up computer security literature and read up on security incidents,
you'll notice none are more articulate about inside-employee incidents other
than to describe the people as "disgruntled employees".
Wrong.
I'll go over some of the major categories of incidents I encountered.
Keyword monitoring is abstract to most people; these results show
how powerful the technique is.
Here are two from the category:
o People innocently trying to get work done.
This usually happens between the programmer and a third-party vendor.
SISS stands for 'Salomon Information Security Services'.
The configurations and passwords to Salomon's network control devices - the
heart of the network - flew out of our Internet connection to vendor Cisco
in a seemingly unstoppable whirlwind. This was the fourth report in a row.
********** begin excerpt from 'Corruption at Salomon Brothers' **********
*******************************************************************************
************
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 4.1.4
BCaPawVR3ypaAjozGlMYArB8+c5VPh17vGnTTcOugyA9/NOvz6zqOSlkk+JVy79p
NY+ZT1V0alHfoOuuU+P4lZv+ILn2yFZKmuNQpaBJMVQZe7w3Tdt6x6spCoCp7tQf
98cPgLka9dzUK9CAmMika1aOVEWubqQmg+RR8CwzIJvkN24BZcILyO4P8iKVa9jL
DT8LbnAhGYmdD9o+zn==
=QnXe
-----END PGP SIGNATURE-----