[Dshield] Port 135

KeithTarrant@spamcop.net KeithTarrant at spamcop.net
Fri Oct 25 22:07:19 GMT 2002


MessageWith 10,000 students I can see you need some  kind of file sharing.

But glib comments aside, we can both imagine the reprecussions if 10,000 student PCs at 10,000 locations stop working in the last 2 weeks of the term.

Don't expect MS to solve your problem, although who knows, they might.  You are not a typical home user or small office.   Windows doesn't provide proper office productivity software (MS Office does that) -- it also doesn't provide proper Wide Area Network file sharing server software.  Windows is sold as an operating system with some add-ons., not as a do-everything product.

To be reasonably secure your network is going to require some network security and file sharing software beyond Windows.  This doesn't have to be expensive, but it isn't going to be free.

On a network with 10,000 external PCs and I guess close to a thousand internal PCs I'd definitely recommend bringing in a security consultant.  

A security consultant will save you  money because you won't be wasting time, and won't be spending money on stuff that doesn't do what you want or that doesn't work together.  You could train someone, but it takes at least a dozen hours a week of study to stay reasonably up-to-date, and exposure to multiple companies and multiple problems brings increased perspective.

You won't need him/her full time, but someone to plan your network, recommend software, recommend firewalls, and so on, and who will leave you with a schedule of what daily and weekly activities are needed to keep your system secure.  

Then have them return for a couple of days each quarter to check things are up-to-date, still properly configured, and to spot check some logs.

Some tips while you wait for approval to bring someone in:
- turn on strong password enforcement
- set a maximum password attempts and a reasonable timeout period before further attempts
- require passwords on all shares (be careful because this will impact your admin and staff computers too)
- look for an anti-virus software vendor who will give you a deal on providing copies of their software for all your students.  
- Give the AV software to your students.  And make sure it is running on your own computers.

Beyond that, one would need to study your requirements and current system to make cost-effective recommendations.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.dshield.org/pipermail/list/attachments/20021025/5be892c5/attachment.htm


More information about the list mailing list