-This subject has been of a great interest to me and I have been trying to push to get a similar feature within my area of infulence.
- Here is what the differentiators are :- - Is the System itself capable of sending out emails using MAPI or are you going to trigger an email from your log server which is external to the System. For e.g if there is a IDS system from company X. 1.The Sys Admin of this IDS may have a log server which is logging Syslog Messages. 2.Apart from that, he may want to " trigger ME an email to me @mycomapny and [EMAIL PROTECTED]" when there is a nimda attack. 3.The Sys Admin may also want " Email me all critical Syslog messages to [EMAIL PROTECTED]" Now,if such a paranoia exists then why not encrypt all such emails. Secondly, even if someone looks at these emails, he will not be able to harm your system in any way. It may have public relation value and may be the companys stocks may get hit if such a news leaks out. Igor- you havent interpreted Jasons question correctly - Even if the envirioment is "sensitive", such emails ( yahoo emails ), if captured enroute cannot help anyone get access to the comapny data.He will simple come to know that comapny X has issues on their network -Pradeep -----Original Message----- From: Naveen Maram [mailto:[EMAIL PROTECTED]] Sent: Saturday, December 01, 2001 4:05 PM To: Igor D. Spivak; John Christopher Cc: [EMAIL PROTECTED] Subject: Re: security tools with email notification You may also try www.ziplip.com --- "Igor D. Spivak" <[EMAIL PROTECTED]> wrote: > that depends how sensitive is the envirenoment your > are working in, the > person who compromised a host (has root) can of > course look at the outgoing > mail spool and intercept mail, it will take someone > some time to break into > yahoo, and you can encrypt it, if you feel like it - > that depends on the > data. > > try this: > > www.hushmail.com > ----- Original Message ----- > From: "John Christopher" > <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Thursday, November 29, 2001 10:31 AM > Subject: security tools with email notification > > > > > > Hi - > > > > Many security tools (logcheck, for example) > > provide a facility for sending warnings, etc. > > to an email address. > > > > 1. Can anyone see any security problems with > > sending such info to a yahoo.com email address > > (in other words, how secure is yahoo mail)? > > > > 2. Is it possible for an attacker to intercept > > email messages sent from a host he has targeted? > > > > 3. Should such emails be encrypted before being > > sent? > > > > Thanks - > > JC > > > > > > __________________________________________________ > > Do You Yahoo!? > > Yahoo! GeoCities - quick and easy web site > hosting, just $8.95/month. > > http://geocities.yahoo.com/ps/info1 > __________________________________________________ Do You Yahoo!? Buy the perfect holiday gifts at Yahoo! Shopping. http://shopping.yahoo.com
