Re: spyware defense trick

[Cal Frye <cjf () CALFRYE COM>]

I've got two host lists and discard policies in my Packetshaper for
spyware and "zombie controller" addresses. Somewhat easier to maintain
and change than the router ACLs for our equipment, and lets me get a
quick picture of activity on those groups and list of our machines
trying to make contact, too.

--Cal Frye, Network Administrator, Oberlin College
 www.ouuf.org, www.calfrye.com

  "Results? I've got lots of results! I know thousands of things that
don't work." --Edison, Thomas A (1847-1931)



Niedens, Travis wrote:
> I have thought about doing this, however, I have noticed that some Spyware
> products like HotBar just use the IP address vs. a name.
>
> Travis
>
> -----Original Message-----
> From: Gary Dobbins [mailto:dobbins () ND EDU]
> Sent: Tuesday, May 04, 2004 10:47 AM
> To: SECURITY () LISTSERV EDUCAUSE EDU
> Subject: [SECURITY] spyware defense trick
>
> Is anyone using, or considering, using campus DNS to misdirect hostnames of
> known spyware-installing sites, as a way to stem the tide of this nuisance?
>
> We're handling many "infected" machines, to the point where the cost is
> becoming a burden.  Some systemic defense is called-for.
>
> --
>
>    ------------------------------------------------------------
>    Gary Dobbins, CISSP -- Director, Information Security
>    University of Notre Dame, Office of Information Technologies
>
> **********
> Participation and subscription information for this EDUCAUSE Discussion
> Group discussion list can be found at http://www.educause.edu/cg/.
>
>
> **********
> Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
> http://www.educause.edu/cg/.

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.