Educause Security Discussion mailing list archives
Program Questions
From: Bob Ono <raono () UCDAVIS EDU>
Date: Thu, 22 Jan 2004 11:07:56 -0800
Good morning, We are examining two areas for further program development and would like to follow-up offline with other institutions that are either following the same paths or have completed similar efforts. The first project involves integration of a point vulnerability scan with our central web authentication mechanism. During the fall, we added the UCONN netreg RPC vulnerability scanner code into campus web authentication. Thus, if a computer from which the authentication request was originating was missing an RPC patch, the user failed authentication and was redirected to a web page with instructions and resources to correct the problem. We are considering conversion of this tool into a more proactive tool - perhaps seeking to identify serious vulnerabilities that have not been widely exploited but have working exploit codes in the wild (as a proactive measure, web redirection may be limited to information about a vulnerability). If your institution has followed a similar direction, please contact me as we would like to learn more about other related efforts. The second project focuses on offering an infrastructure service to support campuswide file encryption services. The growth of state laws to protect personal information and need to ensure continued access to public records are driving issues for this review. If your institution is supporting a broad file encryption program, beyond desktop Windows/EFS and MAC/FileVault type applications, we would be interested in learning more about your program. We are willing to share information/conclusions from these examinations as we move forward. Thank you. Bob Robert Ono IT Security Coordinator Office of the Vice Provost, Information and Educational Technology University of California, Davis 530-754-6484 ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
Current thread:
- Program Questions Bob Ono (Jan 22)