To better illustrate which computer system capabilities need protection, three specific system incidents are discussed. Each of the three incidents addresses a different aspect of computer security. The incidents are the Hannover Hackers, the Internet worm, and an Evening with Berferd. It is provided with the intent that the knowledge gained by learning and understanding previous system attacks will be useful in preventing future attacks. The first incident, the Hannover Hackers, provides two valuable pieces of information: intrusive activity has grown to global proportions, and system vulnerability often results from uninformed or apathetic system administrators. The second incident, the Internet Worm, provides insight into the operations of a worm. This incident also shows that sophisticated techniques are not necessary for implementing and deploying wide spread system attacks. The third incident concerns a virtual jail that was created for the purposes of restricting and observing an intruder's actions.