Educause Security Discussion mailing list archives
Re: Appropriate University/Internet blocks
From: Shawn Kohrman <skohrman () HONEYNET APU EDU>
Date: Wed, 16 Jun 2004 10:57:11 -0700
We use a "block all inbound except for approved purposes" approach.
There has been some backlash to it, but overall it's gone over well.
One argument that helped immensely was showing our directors the live
scrolling list of denied attempts.

Shawn Kohrman, CISSP
Lead Network Administrator
Azusa Pacific University
901 E. Alosta Ave.
Azusa, CA 91702
http://www.apu.edu/

Ariel Silverstone wrote:
| Tom,
|
| At Temple, we approached it very gingerly. Generally, the following are the
| steps we took:
|
| 1) thought hard about what it is we are really trying to do
| 2) created an application that enabled us to perform step 4 below
| 3) created a "security council" combined of representatives from every
| school and administrative department and solicited their input
| 4) asked the members to use the application to register every server,
| guaranteeing that no server which is registered be affected by a new
| firewall or firewall rule
| 5) created the new rule set
| 6) informed the community that as of a specific date, our rule set - which
| is now set to "Deny All except" rather than "permit all except" will be
| active
| 7) prepared the help desk for influx of calls
| 8) turned on the rule set
| 9) watched as less than 30 calls (out of 55,000 users) came in about this
| issue.
|
|
| Thank you,
|
| Ariel Silverstone, CISSP
| Chief Information Security Officer
| Temple University
|
|
| -----Original Message-----
| From: The EDUCAUSE Security Discussion Group Listserv
| [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Tom Conley
| Sent: Wednesday, June 16, 2004 10:21 AM
| To: SECURITY () LISTSERV EDUCAUSE EDU
| Subject: [SECURITY] Appropriate University/Internet blocks
|
| This is a hackneyed old question, but one we are still struggling with:
|
| What is the appropriate level of filtering or port blocking at a
| University/Internet border?
|
| Specifically, what ports or packets are y'all (other universities) currently
| blocking? Do you have router configurations that you can share?
| Do you use an IP blacklist? Are the "blacklist" and "ports list" permanent
| or do the blocks "time out" automatically? How do you manage all this?
|
| It seems [obvious] that the recommendations made for other industries are
| not generally accepted at universities. But what is acceptable?
|
| Any feedback is appreciated. Feel free to contact me off-list if you
| prefer.
|
| Thanks.
|
| Tom
|
| Tom Conley, CISSP
| Network Security
| Ohio University
| 740.593.2264
| conleyt () ohio edu
| security () ohio edu
|
| **********
| Participation and subscription information for this EDUCAUSE Discussion
| Group discussion list can be found at http://www.educause.edu/cg/.
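The register-then-deny sequence in the quoted steps 4 to 8, as an added sketch that is not code from any poster in this thread: it builds a "deny all except" rule set from a server registry, confirms that no registered service is affected, and dry-runs observed inbound flows to list what would be denied before cutover. The registry fields, addresses (RFC 5737 documentation range), flows and function names are all constructed assumptions.

```python
import ipaddress
from collections import Counter

# Constructed registry: what step 4's registration application might hold.
REGISTRY = [
    {"owner": "web team", "dst": "192.0.2.10", "proto": "tcp", "port": 443},
    {"owner": "mail team", "dst": "192.0.2.25", "proto": "tcp", "port": 25},
    {"owner": "dns team", "dst": "192.0.2.53", "proto": "udp", "port": 53},
]

# Constructed inbound flows seen at the border before cutover: (dst, proto, port).
OBSERVED = [
    ("192.0.2.10", "tcp", 443),
    ("192.0.2.25", "tcp", 25),
    ("192.0.2.53", "udp", 53),
    ("192.0.2.77", "tcp", 80),    # server nobody registered
    ("192.0.2.77", "tcp", 80),
    ("192.0.2.10", "tcp", 3389),  # registered host, unregistered service
]

def build_ruleset(registry):
    """One permit per registered service, then the explicit final deny."""
    rules = [("permit", ipaddress.ip_network(r["dst"]), r["proto"], r["port"])
             for r in registry]
    rules.append(("deny", ipaddress.ip_network("0.0.0.0/0"), None, None))
    return rules

def evaluate(rules, dst, proto, port):
    """First match wins; None in a rule field is a wildcard."""
    addr = ipaddress.ip_address(dst)
    for action, net, r_proto, r_port in rules:
        if addr in net and r_proto in (None, proto) and r_port in (None, port):
            return action
    return "deny"

def dry_run(rules, flows):
    """Count flows the new rule set would deny, keyed by (dst, proto, port)."""
    return Counter(f for f in flows if evaluate(rules, *f) == "deny")

def broken_registrations(rules, registry):
    """Step 4's guarantee: every registered service must still be permitted."""
    return [r for r in registry
            if evaluate(rules, r["dst"], r["proto"], r["port"]) != "permit"]

if __name__ == "__main__":
    rules = build_ruleset(REGISTRY)
    assert not broken_registrations(rules, REGISTRY)
    for flow, hits in dry_run(rules, OBSERVED).most_common():
        print(f"would deny {flow}: {hits} flow(s)")
```

The dry-run output is the pre-cutover counterpart of a list of denied attempts: each entry is either an unregistered service to chase up or traffic the new rule set is meant to stop.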