Educause Security Discussion mailing list archives
Re: SECURITY Digest - 23 Sep 2005 to 26 Sep 2005 (#2005-176)
From: "Cary, Kim" <Kim.Cary () PEPPERDINE EDU>
Date: Tue, 27 Sep 2005 08:33:43 -0700
Ah, Valdis, you got me with the very apt Star Wars quote:
"The more you tighten your grip, Tarkin, the more star systems will slip through your fingers." -- Princess Leia Organa Anybody who's following this security strategy needs to figure out what their endgame strategy is going to be once only ports 80 and 443 are allowed.....
Yes, the logical end-game is a caution and no mistake, but that lesson applies to the present. So, if someone is trying to get rid of Yahoo messenger, then, block the destinations? Go for the deep packet inspectors? We are not planning on this at present, but there are analogous issues. What are schools using to check for non-protocol traffic on standard protocol ports? Even Packeteer, whose game is doing just that, seems unable to get more than a B- at protocol fingerprinting.
Current thread:
- Re: SECURITY Digest - 23 Sep 2005 to 26 Sep 2005 (#2005-176) Cary, Kim (Sep 27)
- <Possible follow-ups>
- Re: SECURITY Digest - 23 Sep 2005 to 26 Sep 2005 (#2005-176) Valdis Kletnieks (Sep 27)
- Re: SECURITY Digest - 23 Sep 2005 to 26 Sep 2005 (#2005-176) Jeff Kell (Sep 27)
- Re: SECURITY Digest - 23 Sep 2005 to 26 Sep 2005 (#2005-176) Scholz, Greg (Sep 28)