Educause Security Discussion mailing list archives

Re: [ED-SEC] Policy for Domain Administration

From: "Sadler, Connie" <Connie_Sadler () BROWN EDU>
Date: Thu, 26 May 2005 22:32:30 -0400

Yes... non *.brown.edu domain names hosted on Brown's registered address space.

Connie J. Sadler, CM, CISSP, CISM, GIAC GSLC
Director, IT Security, Brown University
Box 1885, Providence, RI 02912
Connie_Sadler () Brown edu
Office: 401-863-7266
PGP Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x91E38EFB
PGP Fingerprint: DA5F ED84 06D7 1635 4BC7  560D 9A07 80BA 91E3 8EFB


-----Original Message-----
From: The EDUCAUSE Security Discussion Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Chad 
McDonald
Sent: Thursday, May 26, 2005 4:24 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] [ED-SEC] Policy for Domain Administration

Do you mean IP's hosted within your IP range that have DNS entries other
than *.brown.edu?


Thanks,
Chad McDonald, CISSP
Chief Information Security Officer
Georgia College & State University
478.445.4473  Office
478.454.8250 Cell
478.445.1202 Fax

-----Original Message-----
From: The EDUCAUSE Security Discussion Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Phil Benchoff
Sent: Thursday, May 26, 2005 1:17 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] [ED-SEC] Policy for Domain Administration

You have no way to detect domain names that resolve to your addresses.
It would be a fairly pointless policy.  You can refuse to reverse one of
your addresses to anything but *.brown.edu.  That makes it a little harder
for folks to misrepresent things.  If your worry is about acceptable use,
the domain name doesn't have much to do with it anyway.

Phil

On Thu, May 26, 2005 at 12:57:36PM -0400, Sadler, Connie wrote:

Does anyone have policy for the administration of domain names at your

site? For example, here at Brown, we are considering a policy requiring
"registration" for domains that sit on our address space but that will not
have a *.brown.edu address. Has anyone gone down this road? Any wisdom on
this?


Thanks much!

Connie J. Sadler, CM, CISSP, CISM, GIAC GSLC Director, IT Security,
Brown University

Current thread:

Re: [ED-SEC] Policy for Domain Administration Phil Benchoff (May 26)
- <Possible follow-ups>
- Re: [ED-SEC] Policy for Domain Administration Chad McDonald (May 26)
- Re: [ED-SEC] Policy for Domain Administration Sadler, Connie (May 26)