Educause Security Discussion mailing list archives
Re: Blocked URL Categories
From: "Bradley, Stephen" <bradlesw () MIAMIOH EDU>
Date: Fri, 27 Oct 2017 13:34:40 -0400
We block CnC, phishing and malware as well. We also block P2P but that is in our AUP policy and has been for 13 years now. On the occasion we get a complaint we run it by our ISO and get the okay to whitelist the URL and that is maybe twice per month. steve On Fri, Oct 27, 2017 at 1:23 PM, Adam Maynard <AMaynard () clarku edu> wrote:
The only URL categories we block are malware, command-and-control, and phishing. Anything else is a grey area of censorship. For instance, I visit hacking websites, not to become a black hat, but to educate myself on hacking TTP. You get into 1st amendment arena if you decide to block others. If any illegal activity is happening, it’s likely occurring over encrypted channel or TOR. Everything else can be justified for research or educational purposes. If you blocked those other categories, it would be a burden to manage and process exception requests. Unless there’s a plausible cause, how do you show they’re using it for illegal activity? You’d have to set up some kind of behavioral based monitoring. Occasionally, sites get miscatorgorized as malware. Then I’ll have to look into it. Reputation databases are pretty helpful with that. -Adam *From:* The EDUCAUSE Security Constituent Group Listserv [mailto: SECURITY () LISTSERV EDUCAUSE EDU] *On Behalf Of *Ronald King *Sent:* Friday, October 27, 2017 12:57 *To:* SECURITY () LISTSERV EDUCAUSE EDU *Subject:* [SECURITY] Blocked URL Categories Good afternoon, We are a public institution in Maryland. We are being questioned by our state auditors as to why we permit access to the URL categories abused-drugs, extremism, hacking, and gambling when our AUP states IT resources are not to be used for illegal activities or "for commercial, religious, political (including activities supporting the nomination of any person for political office or attempting to influence the vote in any election or referendum), solicitation, or profit-making purposes." Along with academic freedom, the perspective I have been arguing is one to permit access to the sites. The argument is, just because a student accesses a gambling website does not mean they are gambling. So, my questions to the group are: - Do you block these URL categories by default? - If so, how do you address the request to research in areas that might require access to these URLs? - How did you convince the auditors it was necessary to allow access to these categories? As always, responses can be addressed directly to me or via the listserv. Thank you for your input! *Ronald A. King, CISSP* Chief Information Security Officer Morgan State University Office: (443) 885-3372 1700 E. Cold Spring Ln <https://maps.google.com/?q=1700+E.+Cold+Spring+Ln&entry=gmail&source=g>. Email: ronald.king () morgan edu Baltimore, MD 21251 URL: http://www.morgan.edu *Growing the future ... Leading the world* <http://www.morgan.edu/Documents/ABOUT/StrategicPlan/StrategicPlan2011-21_Final.pdf>
-- Puppy---Monkey---Baby Stephen W. Bradley CISSP GNFA GCFA GCIH GWAPT SSCP Senior Security Engineer Miami University IT Services bradlesw () miamioh edu 513-529-1809
Current thread:
- Blocked URL Categories Ronald King (Oct 27)
- Re: Blocked URL Categories John Ruggirello (Oct 27)
- Re: [External] [SECURITY] Blocked URL Categories Reyor, William F. (Oct 27)
- Re: Blocked URL Categories Ruth Ginzberg (Oct 27)
- Re: Blocked URL Categories Jones, Mark B (Oct 27)
- Re: Blocked URL Categories Adam Maynard (Oct 27)
- Re: Blocked URL Categories Bradley, Stephen (Oct 27)
- Re: Blocked URL Categories Ladwig, John M (Oct 27)
- Re: Blocked URL Categories Garrett Hildebrand (Oct 27)
- Re: Blocked URL Categories Mccormick, Kevin (Oct 27)
- Re: Blocked URL Categories Ruth Ginzberg (Oct 27)
- Re: Blocked URL Categories Ronald King (Oct 27)
- Re: Blocked URL Categories Frank Barton (Oct 27)
- Re: Blocked URL Categories Babak Oskouian (Oct 27)
- Re: Blocked URL Categories Frank Barton (Oct 27)
- Re: Blocked URL Categories Garrett Hildebrand (Oct 27)
- Re: Blocked URL Categories Ronald King (Oct 27)