Educause Security Discussion mailing list archives

Re: Outbound SMTP


From: "Basgen, Brian" <bbasgen () PIMA EDU>
Date: Fri, 25 Apr 2008 09:41:41 -0700

Joe,

> officers. I mean dang it all, we build wonderful networks,
> and then we proceed to block the heck out of 'em to the point
> where application programmers can hardly use 'em! That just
> makes no sense.

 Joe, you have a fair point, but you are making it a bit extreme. I
would agree, in some contexts, when it comes to NAC, for example. Yet,
the suggestion that blocking port 25 outbound is problematic for
usability isn't very sustainable. 

> It is so tempting to say, when confronting any security risk, "block
> it."

 The role of the ISO is a lot more nuanced than this. This is a good
example of the importance of an ISO in an institution, as opposed to a
network security administrator, for example. 
 
> 1) Even if you block port 25 traffic, the host is still infested

 You are missing the forest for the trees. If you render the intent of
an exploit useless, you've accomplished defense in depth. We can't
maintain pristine networks. We *can* reduce risk and have sufficient
depth such that a compromise will be mitigated by various layers.

~~~~~~~~~~~~~~~~~~
Brian Basgen
Information Security
Pima Community College
