Educause Security Discussion mailing list archives
Re: Campus VPN Services
From: "H. Morrow Long" <morrow.long () YALE EDU>
Date: Fri, 22 Aug 2003 21:53:22 -0400
I should point out that we put in the original NETBIOS block (accompanied by the production rollout of the VPN service) to protect against manual attacks by intruders who were finding open shares and/or connecting to insecure NT hidden admin shares and compromising Windows PCs. It was not originally envisoned as a defense against worms 'per se' (though we hoped it might provide some protection during the recent worm attacks). During Stealther, Blaster, Nachi, etc. just seeing the sheer # of worms active on the Internet (and I2) I sometimes felt like Neo in the 2nd Matrix when he learns that hundreds of thousand of machines are boring in to try to break into Zion (just leave out some of the the hokey ersatz philosophy of the Matrix movies)... Morrow H. Morrow Long wrote:
It bought us a little time, though not much. We escaped the original manual nonworm (but automated) attacks week. We were hit by Stealther, then by Blaster and Nachi was delayed by a day or so. In almost all cases netflow showed that the initial vectors for the infections within the Yale network were PPP & VPN users (though we are now seeing early returning grad students bringing in infected notebook PCs and plugging them in). Morrow Mark Poepping wrote:Since you had this setup in place, did you escape the recent rpc (or Nachi) stuff? Mark.
********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
Current thread:
- Re: Campus VPN Services, (continued)
- Re: Campus VPN Services Mark Poepping (Aug 20)
- Re: Campus VPN Services Mike Iglesias (Aug 20)
- Re: Campus VPN Services Mark Poepping (Aug 20)
- Re: Campus VPN Services Michael Sinatra (Aug 21)
- Re: Campus VPN Services Mike Iglesias (Aug 21)
- Re: Campus VPN Services Matthew Keller (Aug 21)
- Re: Campus VPN Services H. Morrow Long (Aug 21)
- Re: Campus VPN Services Mark Poepping (Aug 22)
- Re: Campus VPN Services Mike Iglesias (Aug 22)
- Re: Campus VPN Services H. Morrow Long (Aug 22)
- Re: Campus VPN Services H. Morrow Long (Aug 22)