Educause Security Discussion mailing list archives
Re: Checking for AV software on students' machines
From: Bill Frazier <frazier () IASTATE EDU>
Date: Thu, 10 Jun 2004 07:50:37 CDT
I agree. To amplify on what I said about our effort, we are preparing an application which will run on the client system to do tests. A firewall may protect against intrusion, but it says nothing about pre-existing state. A well patched and AV current system is less likely to be carrying infection. Bill __________________________________________________________________ On Wed, 09 Jun 2004 16:55:46 EDT, Stephen Bernard wrote: Brian Eckman wrote: <snip>
Yes, the Windows firewall (ICF) will block these types of scans. But that is a good thing. We are implementing a NetReg-based solution, and would be ecstatic if all of the dorm computers would pass the scan because they have their firewall on. I would call that "mission accomplished". Brian -- Brian Eckman Security Analyst OIT Security and Assurance University of Minnesota ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
It sounds like what is being said is, "as long as the external symptoms of a problem are hidden it isn't a problem". This is exactly why some network security practitioners take the tact that firewalls are a bad thing because they make system administrators complacent and leave end users naively vulnerable. The MS firewall surely won't prevent an end user from downloading a trojaned music file which then posts their keystrokes, personal information, or business files to an IRC channel. It doesn't provide application protections. There isn't any mechanism for disallowing the disabling of the firewall, especially when the average user logs in with Administrator privileges. It's very probable that malware exists or will come out that actually utilizes the personal firewall. The malware could re-configure the firewall so that it continues to block internal addresses from scanning it but allowing specific, encrypted (IPSEC) connections. Steve ********** Participation and subscription information for this EDUCAUSE Discussion Group d iscussion list can be found at http://www.educause.edu/cg/. __________________________________________________________________ Bill Frazier frazier () iastate edu Assistant Director/Software Support voice: (515) 294-8620 Iowa State University fax: (515) 294-1717 Academic Information Technologies, 291 Durham, Ames, Iowa 50011 ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
Current thread:
- Re: Checking for AV software on students' machines, (continued)
- Re: Checking for AV software on students' machines Nathan Hall (Jun 09)
- Re: Checking for AV software on students' machines Jeff Bollinger (Jun 09)
- Re: Checking for AV software on students' machines Helms, Sandra (Jun 09)
- Re: Checking for AV software on students' machines Bill Frazier (Jun 09)
- Re: Checking for AV software on students' machines Gibbs, Aaron M. (Jun 09)
- Re: Checking for AV software on students' machines jack suess (Jun 09)
- Re: Checking for AV software on students' machines Ariel Silverstone (Jun 09)
- Re: Checking for AV software on students' machines Gary Flynn (Jun 09)
- Re: Checking for AV software on students' machines Robert Ono (Jun 09)
- Re: Checking for AV software on students' machines Stephen Bernard (Jun 09)
- Re: Checking for AV software on students' machines Bill Frazier (Jun 10)
- Re: Checking for AV software on students' machines Nathan Hall (Jun 10)
- Re: Checking for AV software on students' machines Dunker, Mary (Jun 10)
- Re: Checking for AV software on students' machines Gibbs, Aaron M. (Jun 10)
- Re: Checking for AV software on students' machines Shawn Kohrman (Jun 10)
- Re: Checking for AV software on students' machines Ariel Silverstone (Jun 10)
- Re: Checking for AV software on students' machines Brian Eckman (Jun 10)
- Re: Checking for AV software on students' machines Jason S. Cash (Jun 10)
- Re: Checking for AV software on students' machines Steve Schuster (Jun 10)
- Re: Checking for AV software on students' machines Cal Frye (Jun 10)
- Re: Checking for AV software on students' machines Jason S. Cash (Jun 10)
(Thread continues...)