RE: Am I still vulnerable to attack?

["Jesse Rink" <jesse-rink () wi rr com>]

It's my personal opinion (I do a lot of work for schools), that the biggest
threat to school is internal.  Students are constantly trying to find
backdoors into your network and are likely to be smarter than you think.
I've seen several schools get hacked using various methods.  And since
students have physical access to your machines in the first place, any
prevention at the external/firewall level is already bypassed in reality.
Just my $.02.




-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of cdunn () foxwood notts sch uk
Sent: Monday, March 03, 2008 4:39 AM
To: security-basics () securityfocus com
Subject: Am I still vulnerable to attack?

Hi,


I work in a school in nottingham, UK we access the internet via the EMBC who
inter-connect all schools and colleges to the internet. The EMBC manage our
site blocking and spam filters for E-Mail. The proxy we use to access the
net is heavily filtered and all un-used ports are closed, making an attack
as far as I can see VERY difficult.


My question is just how vulnerable is our school network? is there still
potential there for an attack to take place? or would this be so difficult
and the rewards to few for an attacker to bother?


Thanks


Craig Dunn