Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Appropriate University/Internet blocks

From: Eric Pancer <epancer () SECURITY DEPAUL EDU>
Date: Wed, 16 Jun 2004 20:00:24 -0500
Tom Conley wrote on Wed, 2004-06-16 at 10:20:37 -0400...


What is the appropriate level of filtering or port blocking at A
University/Internet border?


How much "Smack My [Arse] and Call Me Sally Jalapeno Hot Sauce" [1]
do you like on your burrito? That's about the same answer you'll get
when approaching various folks on this discussion.

Analyze what you need, where your risk is and what will benefit your
environment. Will a blanket deny of 445/tcp at your border work? Or
will edge filters with more stringent filters contain worms and
attacks better? Write up your experience, your struggles, and share
them with others. Rinse. Repeat.

Sorry to be vague, but I used to be a proponent of filtering, now
I'm not so much anymore.

- Eric

[1] Yes, this exists and is VERY hot!
    <http://www.somelikeithotter.com/sku081.htm>

--
Eric Pancer :.: Computer Security Response Team :.: DePaul University
http://security.depaul.edu/ .:`:.:':.:`:. epancer () security depaul edu
pgp: 1024D/7ACBCFF3 C022 4991 41E5 51E7 683C F765 62F7 7F8E 7ACB CFF3

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.
Previous By Date Next
Previous By Thread Next

Current thread: