Educause Security Discussion mailing list archives
Re: NAT / dynamic IP addresses
From: "Davis, Thomas R." <tdavis () INDIANA EDU>
Date: Tue, 27 May 2003 08:28:16 -0500
I think it varies based on a few factors, such as: * Are you packet filtering your campus network? While packet filters (e.g., firewall, router ACLs) aren't the be-all end-all that some believe, they are rather successful at blocking script kiddies and a number of worms. If you don't use any packet filtering, chances are remote hackers are your most dangerous threat. * Do you have a site license for desktop and email anti-virus software? We all know that a site license for desktop a/v software doesn't guarantee protection if a brand new virus is found in the wild or if the user doesn't take the time to install/update it. An email server based a/v product goes a long way in helping the latter. Of course, p2p is another issue. ;-) In our environment, we find that most virus problems are caused by "old" viruses that would have been detected had the user a) installed a/v software, and/or b) updated their virus patterns within the last couple of months. As Scott says, viruses are still a considerable threat. * Are you at a commercial entity or higher ed? It seems to me (your mileage may vary) that most non-higher ed conferences and security practitioners claim that "insiders" are your biggest threat. By insiders, they are referring to disgruntled employees and employees looking to make a profit. While I'm sure that this is the case in the corporate world (as most probably have robust firewalls, security practices, and a/v installs), I don't think it maps well to higher ed. Unless, of course, you count clueless sysadmins as "insiders". :-) Just my .02 cents, -- Tom Davis, Information Technology Security Officer, CISSP Office of the VP for Information Technology, Indiana University For PGP Key: https://www.itso.iu.edu/staff/tdavis -----Original Message----- From: Scott Bradner [mailto:sob () HARVARD EDU] Sent: Friday, May 23, 2003 9:32 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] NAT / dynamic IP addresses remote hackers are not generally anywhere as dangerious as virsus or disgrunteled employees ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/memdir/cg/.
Current thread:
- NAT / dynamic IP addresses Kevin Shalla (May 22)
- <Possible follow-ups>
- Re: NAT / dynamic IP addresses Scott Bradner (May 23)
- Re: NAT / dynamic IP addresses Davis, Thomas R. (May 27)