Educause Security Discussion mailing list archives
Re: Lowering the risk of email hoaxes
From: "St. Laurent, Tim" <tstlaure () RICHMOND EDU>
Date: Fri, 7 Mar 2003 20:09:55 -0500
Kathie, Although our environment is much much smaller than yours, I hope some of this information may help you. 1- any student in a residence hall can connect any machine to our wired network; we do not require a MAC registration No answers yet, although we do require our students to register their computer via their MAC address we are using a home grown system. Hopefully 802.x will solve this problem! 2- anyone coming on to campus can connect to our wireless access points without authentication; we syslog the WAPs You may want to look into some type of authentication devices. We use an appliance by a company called Bluesocket. It allows for NT Domain and Radius authentication. It also encrypts the transfer of data via VPN technology. 3- we control the mail servers on campus (or have trusted departments that control departmental servers) No real comment here. It's good to know you have control over that! 4- we track IP address assignments issued by our DHCP server (but the assignments are not logged for more than a few days) You should try to track all your authentication logins via centralized Syslog servers. This should also give you IP information that you may need. As for adding digital signatures for your e-mail users, we are not currently doing this, but have plans to implement this in the near future. We will issue a PKCS#12 digital certificate to our users and store the public keys in a directory service such as OpenLDAP and/or Exchange. This will insure non-repudiation for e-mail messages sent. The whole PKI subject is an interesting one and I wish it would catch on more! We are also looking at storing digital certificates/signatures on a smart card solution. This solution would allow for digital signatures too. Hope to have this done sometime in the next year or so. One last comment. You make it harder for people to get huge e-mail listings of your users by limiting returns on web directories, as well as limiting where and to whom you give that information out to. Hope that helps you some. Tim ----------University of Richmond---------- Tim St. Laurent, CISSP, RHCE, MCSE Security Administrator *tstlaure () richmond edu (804-289-8655 -----Original Message----- From: Kathie Brinkman [mailto:brinkmkb () MUOHIO EDU] Sent: Friday, March 07, 2003 5:36 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Lowering the risk of email hoaxes I am with Miami University and we have formed a swat team, in reaction to an incident that occurred on our campus this past week - a student, purporting to be the president of the university, sent email to 31,000 email accounts stating that classes were cancelled for the following day. By the end of next week, we will be submitting a report to Miami management on how to lower the risk of email hoaxes. We all know that this is not a simple issue, for a number of reasons. Our current environment is as follows: 1- any student in a residence hall can connect any machine to our wired network; we do not require a MAC registration 2- anyone coming on to campus can connect to our wireless access points without authentication; we syslog the WAPs 3- we control the mail servers on campus (or have trusted departments that control departmental servers) 4- we track ip address assignments issued by our DHCP server (but the assignments are not logged for more than a few days) There is a lot of opportunity for improvement in the environment, but I would like to know what other institutions have found most useful. And, I would be interested in knowing if anyone uses PGP for critical messages. Thanks for your assistance. (Please excuse the duplicate email messages, for those of you who are on both the HDI-EDU and the Educause Security lists). _______________________________ Kathleen B. Brinkman Senior Manager, MCIS Support Desk 312-A Hoyt Hall, Miami University mailto: brinkmkb () muohio edu voice: 513.529.5947 fax: 513.529.1496 ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/memdir/cg/. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/memdir/cg/.
Current thread:
- Lowering the risk of email hoaxes Kathie Brinkman (Mar 07)
- <Possible follow-ups>
- Re: Lowering the risk of email hoaxes St. Laurent, Tim (Mar 07)
- Re: Lowering the risk of email hoaxes Gary Dobbins (Mar 08)
- Re: Lowering the risk of email hoaxes Kathie Brinkman (Mar 10)