Educause Security Discussion mailing list archives
Re: SECURITY Digest - 23 Sep 2005 to 26 Sep 2005 (#2005-176)
From: Valdis Kletnieks <Valdis.Kletnieks () VT EDU>
Date: Tue, 27 Sep 2005 23:04:16 -0400
On Tue, 27 Sep 2005 08:33:43 PDT, "Cary, Kim" said:
Yes, the logical end-game is a caution and no mistake, but that lesson applies to the present. So, if someone is trying to get rid of Yahoo messenger, then, block the destinations? Go for the deep packet inspectors? We are not planning on this at present, but there are analogous issues. What are schools using to check for non-protocol traffic on standard protocol ports? Even Packeteer, whose game is doing just that, seems unable to get more than a B- at protocol fingerprinting.
The answers to this, of course, all are very dependent on *why* you're trying to get rid of Yahoo messenger - most often, it's a case of shooting the messenger. The *REAL* concern probably isn't "We don't like Yahoo Messenger", it's more likely some variant on "holes in Yahoo Messenger can compromise systems and expose data". At that point, you're better off long term in spending effort in deploying systems that it doesn't matter, because programs like Yahoo Messenger are sandboxed and unable to get any traction. For example, the SELinux component now shipping with RedHat and Fedora Linux is able to sandbox Mozilla and Firefox so it can only read and write its own files. (Yes, I realize the vast majority of us are still stuck running systems that are all too willing to let programs access anything they want, sometimes for reasons as trivial as "the file is owned by the person who the program seems to be running under". That's the *real* problem here....)
Attachment:
_bin
Description:
Current thread:
- Re: SECURITY Digest - 23 Sep 2005 to 26 Sep 2005 (#2005-176) Cary, Kim (Sep 27)
- <Possible follow-ups>
- Re: SECURITY Digest - 23 Sep 2005 to 26 Sep 2005 (#2005-176) Valdis Kletnieks (Sep 27)
- Re: SECURITY Digest - 23 Sep 2005 to 26 Sep 2005 (#2005-176) Jeff Kell (Sep 27)
- Re: SECURITY Digest - 23 Sep 2005 to 26 Sep 2005 (#2005-176) Scholz, Greg (Sep 28)