[Dshield] Secure computing / edu security

Johannes Ullrich jullrich at euclidian.com
Mon Oct 28 16:54:33 GMT 2002


> If we can do it, so can others.  Sure, we've had problems, but who
> hasn't? IT management is not pretty sometimes.

I do know .edu's that apply firewalls successfully to limit inbound
and outbound attacks. At edu's, the biggest problem is usually to 
put the appropriate policies into place. However, it can help to
backup the requests with numbers. A firewall with the ability to 
shape traffic can save a lot of money (e.g. limit bandwidth for
Kazaa to avoid having to buy faster connections, block 135-139 to
safe time spent on cleaning machines).

I am always claiming, that good security practices not only safe
money, but also make users more productive as they spent less
time fixing exploited machines. While this argument usually works
well in commercial environments, edu's have some political issues 
to overcome. But in either case, money usually counts and by charging
the right people for the traffic/work they generate, political change
can be helped along.


-- 
--------------------------------------------------------------------
jullrich at euclidian.com             Collaborative Intrusion Detection
                                         join http://www.dshield.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/list/attachments/20021028/7d337811/attachment.bin


More information about the list mailing list