RE: "MS Blast" Win2000 Patch Download

[Ron DuFresne <dufresne () winternet com>]

On Fri, 15 Aug 2003, Paul Schmehl wrote:

> --On Friday, August 15, 2003 08:35:30 AM -0400 James Patterson Wicks
> <pwicks () oxygen com> wrote:
>
> > I guess we just have a diferent approach to laptops and the corporate
> > environment than others.  The only way a laptop can be plugged into our
> > network is if it has been cleard by the IS department.
>
> No, he doesn't have a different approach.  He has a different set of
> problems than you do.
>
> Try solving this puzzle.  You have 50,000 students living in dormitories,
> each with a 100MB connection to the Internet.  Their computers belong to
> them and the state will not allow you to do any work on them.  In addition,
> for liability reasons, you cannot work on their computers.
>
> Now solve the problem of them constantly getting hacked and infected,
> without being able to force software on their computers, without being able
> to patch them, without being able to demand that they use a firewall.  (You
> can send them all the warning messages you want.  Good luck on having them
> actually *read* them, much less follow the advice.)
>
> Sure, you can firewall off the dorms from your network, but that doesn't
> solve the problem of the 50,000 student infecting each other and then
> calling your support people crying for help.  And it doesn't solve the
> problem of those same students bringing their infected laptops *on* your
> network when they walk up from the dorms.

        [SNIP]

Sure it does, if these are the limits imposed upon you, what is your
concern if these machines infect one another and/or their connectivity
chokes off at some point due to the congestion of such activity?  If you
fail to isolate them, you make your job harder and give the .edu a bad
rap, and make them potentially liable for the damages that these dorm
users pose to the rest of the internet at large.  If enough students
complain about the fact that theit connectivity to the internet and the
rest of the .edu network, then either the limitations you are working
under will be changed and adapted, or those students are going to start
seeking the info and such to correct their own systems.  Doing nothing and
tossing your hands in the air in frustration is *not* the way to go here.
And even imagining doing nothing is the myopic view.

Thanks,

Ron DuFresne
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
        ***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html