| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: pauls at utdallas.edu (Paul Schmehl) Subject: The worm author finally revealed! On Fri, 2003-01-31 at 14:07, Ron DuFresne wrote: > > if deployed on all commisioned servers, then yer protected at host > level... > Ever priced a firewall for Windows? Oh, I set up ipchains, iptables, ipfw or whatever on the *nix boxes I maintain, but what do you do for Windows? AFAIK there are no free firewalls for Windows servers, and the ones that I've looked at ain't cheap. > > again, in most cases, depending upon the HW/SW choices made, two boxes and > the proper number of interfaces. > Depending upon the volume of traffic too. > > > It gets expensive in a hurry. Now do you still need to wonder why some > > networks have no firewall and no DMZ? > > The real expense is in maint of the equipment, and testing/auditing > periodically... > ...but who's picking nits? I was just trying to add some reality to the utopia that some people seem to live in. > > But, what does interest me here, is that if utdallas has no real security > policy, and no perimiter defences, what does the Adjunct Information > Security Officer really do? Tis a real question and not meant as a slam. > I guess you haven't caught on yet. I'm not telling you what UTD is doing. I'm telling you what is the "norm" or "average" for edu. Trust me, we have a security policy in place and published (but I want more - more policies and more specifics), and we have permimeter defenses in place, and we have monitoring in place, and we force good passwords, etc., etc. What do I do? Well I'm responsible for many things, but in the categories you seem interested in; I handle all antivirus protection for the campus (have for years) and I'm responsible for IDS on campus. Others handle the switching, routing and firewalls, but I have (respected) input on what gets blocked. I do the investigations when there's a breakin, and I get to generate all the reams of paper for the reports we have to file. At least, that's the part I think *you* wanted to hear. -- Paul Schmehl (pauls@...allas.edu) Adjunct Information Security Officer The University of Texas at Dallas http://www.utdallas.edu/~pauls/ AVIEN Founding Member
Powered by blists - more mailing lists