Educause Security Discussion mailing list archives
Re: Checking for AV software on students' machines
From: Stephen Bernard <sbernard () GMU EDU>
Date: Wed, 9 Jun 2004 16:55:46 -0400
Brian Eckman wrote: <snip>
Yes, the Windows firewall (ICF) will block these types of scans. But that is a good thing. We are implementing a NetReg-based solution, and would be ecstatic if all of the dorm computers would pass the scan because they have their firewall on. I would call that "mission accomplished". Brian -- Brian Eckman Security Analyst OIT Security and Assurance University of Minnesota ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
It sounds like what is being said is, "as long as the external symptoms of a problem are hidden it isn't a problem". This is exactly why some network security practitioners take the tact that firewalls are a bad thing because they make system administrators complacent and leave end users naively vulnerable. The MS firewall surely won't prevent an end user from downloading a trojaned music file which then posts their keystrokes, personal information, or business files to an IRC channel. It doesn't provide application protections. There isn't any mechanism for disallowing the disabling of the firewall, especially when the average user logs in with Administrator privileges. It's very probable that malware exists or will come out that actually utilizes the personal firewall. The malware could re-configure the firewall so that it continues to block internal addresses from scanning it but allowing specific, encrypted (IPSEC) connections. Steve ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
Current thread:
- Re: Checking for AV software on students' machines, (continued)
- Re: Checking for AV software on students' machines Ariel Silverstone (Jun 09)
- Re: Checking for AV software on students' machines Nathan Hall (Jun 09)
- Re: Checking for AV software on students' machines Jeff Bollinger (Jun 09)
- Re: Checking for AV software on students' machines Helms, Sandra (Jun 09)
- Re: Checking for AV software on students' machines Bill Frazier (Jun 09)
- Re: Checking for AV software on students' machines Gibbs, Aaron M. (Jun 09)
- Re: Checking for AV software on students' machines jack suess (Jun 09)
- Re: Checking for AV software on students' machines Ariel Silverstone (Jun 09)
- Re: Checking for AV software on students' machines Gary Flynn (Jun 09)
- Re: Checking for AV software on students' machines Robert Ono (Jun 09)
- Re: Checking for AV software on students' machines Stephen Bernard (Jun 09)
- Re: Checking for AV software on students' machines Bill Frazier (Jun 10)
- Re: Checking for AV software on students' machines Nathan Hall (Jun 10)
- Re: Checking for AV software on students' machines Dunker, Mary (Jun 10)
- Re: Checking for AV software on students' machines Gibbs, Aaron M. (Jun 10)
- Re: Checking for AV software on students' machines Shawn Kohrman (Jun 10)
- Re: Checking for AV software on students' machines Ariel Silverstone (Jun 10)
- Re: Checking for AV software on students' machines Brian Eckman (Jun 10)
- Re: Checking for AV software on students' machines Jason S. Cash (Jun 10)
- Re: Checking for AV software on students' machines Steve Schuster (Jun 10)
- Re: Checking for AV software on students' machines Cal Frye (Jun 10)
(Thread continues...)