Educause Security Discussion mailing list archives
Re: IHEs & NATIONAL STRATEGY: Single Point-Of-Contact
From: Gary Flynn <flynngn () JMU EDU>
Date: Thu, 19 Sep 2002 15:57:46 -0400
Rodney Petersen wrote:
One of the recommendations in the "National Strategy To Secure Cyberspace" (www.securecyberspace.gov) is that "each college and university should consider establishing a point-of-contact, reachable at all times, to Internet service providers (ISPs) and law enforcement officials in the event that the school's IT systems are discovered to be launching cyber attacks." Is this a good idea?
Sure. But the ISPs should reciprocate :)
How could it be implemented across higher education?
Most places have something equivalent to abuse () org edu. However if real-time response is desired a problem develops. Many places don't have IT phones manned 24x7. On the other hand, they do have campus law enforcement available 24x7. Initial contact could be made through campus law enforcement who could have a call-down list to contact the appropriate IT folks. This would have to be a list of people or a pointer to whomever is currently on call. A single person is unrealistic.
What are obstacles or challenges for moving forward with this recommendation?
Calls in the middle of the night because someone's personal firewall told them they were undergoing a "hacking attack" when in reality they only got scanned for peer sharing or net game ports because they received an IP address previously used by a computer running such software. Calls in the middle of the night complaining about spreading Klez and similar viruses. Calls in the middle of the night because a student's computer was infected with Nimda or similar worm. In other words, some type of triage would have to be performed. -- Gary Flynn Security Engineer - Technical Services James Madison University Please R.U.N.S.A.F.E. http://www.jmu.edu/computing/runsafe ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/memdir/cg/.
Current thread:
- IHEs & NATIONAL STRATEGY: Single Point-Of-Contact Rodney Petersen (Sep 19)
- <Possible follow-ups>
- Re: IHEs & NATIONAL STRATEGY: Single Point-Of-Contact Gary Flynn (Sep 19)
- Re: IHEs & NATIONAL STRATEGY: Single Point-Of-Contact Jim Moore (Sep 19)
- Re: IHEs & NATIONAL STRATEGY: Single Point-Of-Contact Allen Chang (Sep 20)
- Re: IHEs & NATIONAL STRATEGY: Single Point-Of-Contact Dan Updegrove (Sep 22)
- Re: IHEs & NATIONAL STRATEGY: Single Point-Of-Contact Kevin Shalla (Sep 23)
- Re: IHEs & NATIONAL STRATEGY: Single Point-Of-Contact Bruhn, Mark S. (Sep 23)
- Re: IHEs & NATIONAL STRATEGY: Single Point-Of-Contact Kevin Shalla (Sep 23)
- Re: IHEs & NATIONAL STRATEGY: Single Point-Of-Contact Bruhn, Mark S. (Sep 23)
- Re: IHEs & NATIONAL STRATEGY: Single Point-Of-Contact Nick Tate (Sep 23)