Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Researcher Activities

From: David Gillett <gillettdavid () FHDA EDU>
Date: Mon, 16 Jun 2008 16:55:44 -0700
  We're a community college, which is a slightly different situation,
but we have an automotive technology training program on campus.  A
couple of times a year, that program puts on race/rally events....
  The events are scheduled for a weekend, to minimize impact on other
campus programs.  Portions of the campus normally open to traffic are
shut down; as far as I can determine, the program pays the overtime
costs of a couple of campus police officers to redirect traffic, and
so on.

  If a faculty member wants to make analogous arrangements to conduct
an educational network exercise without impacting other campus
activities, we'd be glad to discuss it with them.

David Gillett



-----Original Message-----
From: Willis Marti [mailto:wmarti () TAMU EDU]
Sent: Wednesday, June 11, 2008 8:26 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Researcher Activities

How do y'all deal with faculty that want to do things like
ICMP-scan the
IPv4 address space? Or try out the next web crawler? Or
enumerate http servers?

A lot of those and similar activities may set off (false)
warnings about attacks or infected machines and can be
considered "unfriendly".
Certainly we don't let students play around that way.

Do you support that kind of research? Ban it? Ignore it?
How about complaint handling?

I'd just like to get others' viewpoints.
--
Cheers,
  Willis Marti
  Director & CISO
  Networking and Information Security
  Texas A&M University
Previous By Date Next
Previous By Thread Next

Current thread: