Security / Risks associated with BigFix

[Jim Moore <jhmfa () CIS RIT EDU>]

Someone on our technical staff suggested BigFix as a free service that
the non-technical might use to keep worms and intruders off of their
systems.

I looked at it and tried it out.  It has an agent, connects to a
database of fix applications.

It reminded me of the risks associated with central software
distribution.  What can distribute software can deliver malware.
What about a phoney fixlet that delivers a trojan?
What can query and profile the system from the inside, can be as
effective as a good scanner from the outside ...  Could it phone home
with lists of files or with the files themselves.

Has anyone done a risk analysis of BigFix?  Is anyone using it on a
large scale, or encouraging its use?

Jim
--
Jim Moore, CISSP, IAM
Information Security Officer
Rochester Institute of Technology
13 Lomb Memorial Drive
Rochester, NY 14623-5603
Telephone: (585)475-5406
Fax:       (585)475-7950

PGP (jimmoore () mail rit edu): 9C33 0328 CD59 B602 82B8 8521 0DC9 963C D0C0

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/memdir/cg/.