[unisog] MediaSentry reports, threat or menace
eckman at UMN.EDU
Mon Jan 10 20:29:27 GMT 2005
Stephen C Woods wrote:
> OK, lets look at the the other side of the issue, is Media-sentry
> generating only bogus reports?
> (Our report was for a machine that has NEVER used our network).
> Has anyone received a report from MediaSentry that actually turned out
> to be a real occurrence, that is the IP exists and you have evidence
> (netflows, confession etc) that the sharing really occurred.
MediaSentry has typically sent valid complaints. There was the period of
time last spring (roughly one week in duration, if my memory serves me
well) and another now where anecdotal evidence suggests that *all* of their
reports during the affected time windows were bogus. Outside of these two
"events", MediaSentry has appeared to have been accurate in their reporting.
Brian (who is not trying in any way to defend MediaSentry)
OIT Security and Assurance
University of Minnesota
More information about the unisog