Educause Security Discussion mailing list archives
Re: Oxford and Google Apps
From: Tim Doty <tdoty () MST EDU>
Date: Tue, 19 Feb 2013 08:39:56 -0600
On 02/19/2013 06:11 AM, Tracy Mitrano wrote:
Thoughts on this matter among the experts? http://blogs.oucs.ox.ac.uk/oxcert/2013/02/18/google-blocks/
Some of the reactions here seem to indicate that people think Oxford is still doing this. The block was temporary (about two hours I think they said) and due to collateral damage would not happen again without things being worse than they were when done the first time.
In terms of "we've got to do something *now*" I understand it, but it doesn't seem like something that is particularly effective. As others have noted, it is trivial to setup a collection form pretty much anywhere so blocking the forms by blocking an entire service or IP is unlikely to ever have that much effect.
We certainly have received pressure to "block that IP" when users are taking action on a phish (or even if no one is). I've always viewed it as too dynamic to be worth much.
Honestly, I don't think there are any good answers. Tim Doty
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
Current thread:
- Re: Oxford and Google Apps, (continued)
- Re: Oxford and Google Apps Bob Bayn (Feb 19)
- Re: Oxford and Google Apps Bob Bayn (Feb 19)
- Re: Oxford and Google Apps Santabarbara, Angelo (Feb 19)
- Re: Oxford and Google Apps Bob Bayn (Feb 19)
- Re: Oxford and Google Apps Santabarbara, Angelo (Feb 19)
- Re: Oxford and Google Apps Roger A Safian (Feb 19)
- Re: Oxford and Google Apps Bob Bayn (Feb 19)
- Re: Oxford and Google Apps Mike Porter (Feb 19)
- Re: Oxford and Google Apps David Gillett (Feb 19)
- Re: Oxford and Google Apps Justin C. Klein Keane (Feb 19)
- Re: Oxford and Google Apps Kevin Wilcox (Feb 19)