Questions about Early Approaches to Intrusion Detection: Anderson and
Denning

1. What kind of threats were Anderson and Denning most concerned
   about?
2. What computing and human infrastructure did they assume was
   present?
3. Are their goals easier or harder to achieve today than they were
   two decades ago?
4. How are their concerns and assumptions relevant to the Internet?
   How are they not?