Educause Security Discussion mailing list archives
Brief Survey on handling hacked machines:Humber College
From: Chris Fontaine <chris.fontaine () HUMBER CA>
Date: Thu, 24 Oct 2002 21:57:29 -0400
Brief Survey on handling hacked machines: I have read the posts on the security listserv at Educause and would like to give the following feedback: 1. We are currently using Roxio GoBack in our labs at Humber College, set to auto-revert the workstations at every log on. (Each student has a unique ident) 2. TrendMicro NeatSuite is set as our standard anti-virus software college wide. (servers, workstations, and e-mail scanning) 3. We use 3 Netscreen 100 firewalls (1 border, 1 internal gate, 1 for residence) for traffic control and monitoring. Our labs are imaged using Symantec Ghost at the beginning of each semester, to ensure current patches (win2k, etc.)are applied to all software by our development team. We have begun a new approach of responsible computing, after attending a session put on by Shirley Payne of the University of Virginia (see: http://www.itc.virginia.edu/securitytoolkit) (thanks Shirley!!). Compromised machines are immediately isolated (but not necessarily cut) from the network, in order to perform forensic investigation as to the nature of the compromise. If anyone has any further questions, please feel free to contact me. ============================ Chris Fontaine Digital Information Protection & Security, Humber College Information & Technology Services 205 Humber College Blvd Toronto, Ontario, Canada M9W 5L7 chris.fontaine () humber ca (416) 675-6622 ext 4461 ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/memdir/cg/.
Current thread:
- Brief Survey on handling hacked machines:Humber College Chris Fontaine (Oct 24)
- <Possible follow-ups>
- Re: Brief Survey on handling hacked machines:Humber College Richard W. Travsky (Nov 06)