lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.GSO.4.43.0308151026520.6723-100000@tundra.winternet.com>
From: dufresne at winternet.com (Ron DuFresne)
Subject: "MS Blast" Win2000 Patch Download

On Fri, 15 Aug 2003, Paul Schmehl wrote:

> --On Friday, August 15, 2003 08:35:30 AM -0400 James Patterson Wicks
> <pwicks@...gen.com> wrote:
>
> > I guess we just have a diferent approach to laptops and the corporate
> > environment than others.  The only way a laptop can be plugged into our
> > network is if it has been cleard by the IS department.
>
> No, he doesn't have a different approach.  He has a different set of
> problems than you do.
>
> Try solving this puzzle.  You have 50,000 students living in dormitories,
> each with a 100MB connection to the Internet.  Their computers belong to
> them and the state will not allow you to do any work on them.  In addition,
> for liability reasons, you cannot work on their computers.
>
> Now solve the problem of them constantly getting hacked and infected,
> without being able to force software on their computers, without being able
> to patch them, without being able to demand that they use a firewall.  (You
> can send them all the warning messages you want.  Good luck on having them
> actually *read* them, much less follow the advice.)
>
> Sure, you can firewall off the dorms from your network, but that doesn't
> solve the problem of the 50,000 student infecting each other and then
> calling your support people crying for help.  And it doesn't solve the
> problem of those same students bringing their infected laptops *on* your
> network when they walk up from the dorms.

	[SNIP]

Sure it does, if these are the limits imposed upon you, what is your
concern if these machines infect one another and/or their connectivity
chokes off at some point due to the congestion of such activity?  If you
fail to isolate them, you make your job harder and give the .edu a bad
rap, and make them potentially liable for the damages that these dorm
users pose to the rest of the internet at large.  If enough students
complain about the fact that theit connectivity to the internet and the
rest of the .edu network, then either the limitations you are working
under will be changed and adapted, or those students are going to start
seeking the info and such to correct their own systems.  Doing nothing and
tossing your hands in the air in frustration is *not* the way to go here.
And even imagining doing nothing is the myopic view.

Thanks,

Ron DuFresne
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
	***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ