Educause Security Discussion mailing list archives

Re: the importance of security

From: Jon Mitchiner <jon.mitchiner () GALLAUDET EDU>
Date: Wed, 11 Aug 2004 13:15:43 -0400

Gary Flynn wrote:

access-list 120 deny tcp any any eq 25 log

Then check your logs. :)


You'd have quite a lot of false positives unless youre looking for
someone who is sending thousands of e-mails per hour.  Then perhaps
you'd know the person is infected.  The next challenge is you wouldn't
know which virus it has until you physically inspect the machine.
That's difficult if you do not control the machine (e.g. students.)

Normally we like to be able to see what files it's sending so we can
make a record of it indicating that it probably has Beagle to make it
easier for the clean-up team. :)

Jon Mitchiner
Gallaudet University

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.

Current thread:

Re: the importance of security, (continued)
- Re: the importance of security Theresa M Rowe (Aug 11)
- Re: the importance of security Weeks, Calvin W. (Aug 11)
- Re: the importance of security Scott Genung (Aug 11)
- Re: the importance of security Jere Retzer (Aug 11)
- Re: the importance of security Dewitt Latimer (Aug 11)
- Re: the importance of security Scott Genung (Aug 11)
- Re: the importance of security Cal Frye (Aug 11)
- Re: the importance of security Jon Mitchiner (Aug 11)
- Re: the importance of security Gary Flynn (Aug 11)
- Re: the importance of security Gary Flynn (Aug 11)
- Re: the importance of security Jon Mitchiner (Aug 11)
- Re: the importance of security Buz Dale (Aug 11)
- Re: the importance of security Rich Graves (Aug 11)
- Re: the importance of security Paul Russell (Aug 11)
- Re: the importance of security Mike Iglesias (Aug 11)
- Re: the importance of security Scott Weeks (Aug 12)