Re: Destiny Gaming

[Roger A Safian <r-safian () NORTHWESTERN EDU>]

All this talk of destiny reminds me of this scene from "Young Frankenstein".

https://www.youtube.com/watch?v=f_7prdLqWVA


> -----Original Message-----
> From: The EDUCAUSE Security Constituent Group Listserv
> [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Keller, Alex
> Sent: Thursday, September 11, 2014 10:19 AM
> To: SECURITY () LISTSERV EDUCAUSE EDU
> Subject: Re: [SECURITY] Destiny Gaming
>
> Legitimacy and design/architecture aside, please note that of the thousands
> of ports that are specified in the Bugie documentation, "only" 3074 UDP and
> 35000-35099 TCP are required to open INBOUND. Unless you are actually
> performing egress filtering (most hi-ed institutions don't) then the majority
> of these ports are already open/available.
>
> Best,
> alex
>
>
>
> Alex Keller
> Information Technology
> Stanford School of Engineering
> axkeller () stanford edu
> (650) 736-6421
>
>
> From: The EDUCAUSE Security Constituent Group Listserv
> [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Self, Dennis
> Sent: Thursday, September 11, 2014 7:33 AM
> To: SECURITY () LISTSERV EDUCAUSE EDU
> Subject: [SECURITY] Destiny Gaming
>
> A student has requested the opening of a large number of firewall ports
> (thousands) as referenced at the vendor
> site: http://www.bungie.net/en/Help/Article/11875.  We do not plan to
> open the ports.  I have never played the game.  The request raises concerns
> that the application has security design issues, and the company has brazen
> attitudes towards security in stating the ports should be opened.  Has
> anyone else dealt with this and developed an objective rationale?
>
> Kind regards,
>
> Dennis Self, CISSP
> Director, IT Security & Compliance
> Technology Services
>
> 205-726-2692 | office
> DLSelf () Samford edu
> www.samford.edu
> 800 Lakeshore Drive, Birmingham, AL 35229
>
>
>  "Truth is not democratic." Dennis Self, 2013