Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: IRC policies

From: Cal Frye <cjf () CALFRYE COM>
Date: Wed, 6 Jun 2007 15:18:37 -0400
John Piercy wrote:

We are using a Packetshaper and set it to drop all IRC packets due to
some problems we had a few years ago as a result of IRC.


The Packetshaper is rather good at identifying IRC on non-typical ports.
We do the same, blocking IRC, with the proviso that we will whitelist
any user's IP address for IRC upon request, no further questions asked.
This policy is advertised in several places, so  it's not been too much
of an inconvenience to the students who know what IRC is...

Monitoring the hosts being denied by the blocked class is a good way to
find infected systems around campus. If we had an IPS, I'd transfer
these functions over to that, but for now, the 'shaper does fine.

--
Regards,
-- Cal Frye, Network Administrator, Oberlin College

   www.calfrye.com,  www.pitalabs.com

"I have a total irreverence for anything connected with society except
that which makes the roads safer, the beer stronger, the food cheaper
and the old men and old women warmer in the winter and happier in the
summer." --- Brendan Behan.
Previous By Date Next
Previous By Thread Next

Current thread: