Full Disclosure mailing list archives

Re: The worm author finally revealed!

From: Paul Schmehl <pauls () utdallas edu>
Date: 31 Jan 2003 17:43:57 -0600

On Fri, 2003-01-31 at 14:07, Ron DuFresne wrote:


if deployed on all commisioned servers, then yer protected at host
level...

Ever priced a firewall for Windows?  Oh, I set up ipchains, iptables,
ipfw or whatever on the *nix boxes I maintain, but what do you do for
Windows?  AFAIK there are no free firewalls for Windows servers, and the
ones that I've looked at ain't cheap.


again, in most cases, depending upon the HW/SW choices made, two boxes and
the proper number of interfaces.

Depending upon the volume of traffic too.

It gets expensive in a hurry.  Now do you still need to wonder why some
networks have no firewall and no DMZ?


The real expense is in maint of the equipment, and testing/auditing
periodically...

...but who's picking nits?  I was just trying to add some reality to the
utopia that some people seem to live in.


But, what does interest me here, is that if utdallas has no real security
policy, and no perimiter defences, what does the Adjunct Information
Security Officer really do?  Tis a real question and not meant as a slam.

I guess you haven't caught on yet.  I'm not telling you what UTD is
doing.  I'm telling you what is the "norm" or "average" for edu.  Trust
me, we have a security policy in place and published (but I want more -
more policies and more specifics), and we have permimeter defenses in
place, and we have monitoring in place, and we force good passwords,
etc., etc.

What do I do?  Well I'm responsible for many things, but in the
categories you seem interested in; I handle all antivirus protection for
the campus (have for years) and I'm responsible for IDS on campus. 
Others handle the switching, routing and firewalls, but I have
(respected) input on what gets blocked.  I do the investigations when
there's a breakin, and I get to generate all the reams of paper for the
reports we have to file.  At least, that's the part I think *you* wanted
to hear.

-- 
Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
The University of Texas at Dallas
http://www.utdallas.edu/~pauls/
AVIEN Founding Member

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Re: The worm author finally revealed! yossarian (Jan 31)
- <Possible follow-ups>
- Re: The worm author finally revealed! Paul Schmehl (Jan 31)
  - Re: The worm author finally revealed! Ron DuFresne (Jan 31)
- Re: The worm author finally revealed! Paul Schmehl (Jan 31)
  - Re: The worm author finally revealed! yossarian (Jan 31)
- RE: The worm author finally revealed! Sung J. Choe (Jan 31)
  - Re: The worm author finally revealed! yossarian (Feb 01)
- RE: The worm author finally revealed! Schmehl, Paul L (Jan 31)
  - RE: The worm author finally revealed! Ron DuFresne (Jan 31)
- Re: The worm author finally revealed! Jonathan Rickman (Jan 31)
- Re: The worm author finally revealed! Douglas F. Calvert (Jan 31)
- Re: The worm author finally revealed! David Howe (Feb 03)

(Thread continues...)