Educause Security Discussion mailing list archives
Re: Inbound Default Deny Policy at Internet Border
From: "Davis, Thomas R." <tdavis () IU EDU>
Date: Tue, 17 May 2005 07:24:47 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ----Original Message---- From: The EDUCAUSE Security Discussion Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of stanislav shalunov Sent: Monday, May 16, 2005 1:19 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Inbound Default Deny Policy at Internet Border
I believe this is a fallacy. Most threats come from within even for commercial entities, and especially in a university environment, with lots of bored smart young people who like to tinker.
It depends on how you define "threat" and "within". Is the threat the students, faculty and staff on our networks that do not keep their machines patched? Or, is the threat the miscreants that actually exploit the vulnerabilities introduced on our network by those same students, faculty, and staff? Maybe we (IU) have well behaved students, but very few of our attacks are initiated by tinkering students (i.e., those attacking on purpose). - -- Tom Davis, IT Security Officer, CISSP, CISM, GCIA Office of the VP for Information Technology, Indiana University PGP key or S/MIME certificate: https://itso.iu.edu/Tom_Davis -----BEGIN PGP SIGNATURE----- Version: PGP 8.0.3 iQA/AwUBQonijXMQ7XQGtBENEQJ1igCgjMMGIWIakKqyd8mO9Zgx5KbtoJ0AoOTp HKbB9446YlqnSpx/pqUXAFVO =akma -----END PGP SIGNATURE----- ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/.
Current thread:
- Re: Inbound Default Deny Policy at Internet Border, (continued)
- Re: Inbound Default Deny Policy at Internet Border John Kristoff (May 16)
- Re: Inbound Default Deny Policy at Internet Border Eric Pancer (May 16)
- Re: Inbound Default Deny Policy at Internet Border Cal Frye (May 16)
- Re: Inbound Default Deny Policy at Internet Border Michael Sinatra (May 16)
- Re: Inbound Default Deny Policy at Internet Border stanislav shalunov (May 16)
- Re: Inbound Default Deny Policy at Internet Border Valdis Kletnieks (May 16)
- Re: Inbound Default Deny Policy at Internet Border stanislav shalunov (May 16)
- Re: Inbound Default Deny Policy at Internet Border Joel Rosenblatt (May 16)
- Re: Inbound Default Deny Policy at Internet Border stanislav shalunov (May 16)
- Re: Inbound Default Deny Policy at Internet Border Mark Borrie (May 16)
- Re: Inbound Default Deny Policy at Internet Border Davis, Thomas R. (May 17)
- Re: Inbound Default Deny Policy at Internet Border Mark Poepping (May 17)
- Re: Inbound Default Deny Policy at Internet Border Jeff Wolfe (May 17)
- Re: Inbound Default Deny Policy at Internet Border Jeffrey I. Schiller (May 18)