[unisog] Educating Users

Peter Van Epp vanepp at sfu.ca
Wed Aug 8 02:46:47 GMT 2001


	While true of most of us on this list, I'm not sure thats generally
true. In addition to my site, I'm also on the technical committee of BCnet (the
local CAnet3 gigapop operator). As such I see the code red alerts (and finally
router blocks in the core which are usually avoided at all cost) from some
of the other education and likely K-12 sites connected via BCnet. I expect the 
folks on this list are self selected for security awareness and that it isn't 
in general true even in the education sector.
	That said I expect the final answer is going to be things like C3/I2
and likely (just like the original Internet) a trickle down to the commercial
Internet. A separate network probably at premium cost where things are more
controlled than the current commercial Internet. IP V6 would be a good thing
(although not strictly necessary if we implement and enforce cutoff points).
Essentially you gain access by demonstrating you will control you user base,
if you don't the cutoff point blocks your traffic and leaves you on the current
DDOSable Internet (and the law suits flow?) until you do control your traffic. 
Until there is an enforcable sanction (a Microsoft free Internet? although 
their .net initiative looks to me to be going down that path anyway, have you 
read the AUP? Has your site's lawyer?) I don't see electronic commerce being 
able to survive when it can be DDOSed by an anonymous nine year old (at least 
mentally a nine year old).
	I expect our answer is going to be that most University business can
be conducted via C3 and if commodity doesn't work today, oh well, perhaps 
you should arrange to qualify your colaborator for C3/I2 access and use that ...

Peter Van Epp / Operations and Technical Support 
Simon Fraser University, Burnaby, B.C. Canada


> 
> On Tue, Aug 07, 2001 at 10:57:49AM -0500, Karen A Swanberg wrote:
> > 
> > In the various Code Red threads, many things have been said about LARTS,
> > educating users, using AUP's to enforce the installation of servers, and
> > many other ideas.
> 
> Well, I wonder if it will make a whole heap of a difference.
> Sure, one day, we may finally educate *our* users.  I'm thinking
> that the real problem is going to come from the @home & DSL people.
> Who tells them there machine is messed up?  Who educates them?
> 
> I don't think it is as simple as *us* educating *our* users.
> 
> I think we'll start seeing that .EDU sites will be less and less
> of a 'problem' on the net.
> 
> 
> -- 
> Pete Hickey               |                         |       VEIWIT
> Communication Services    | Pete at mudhead.uottawa.CA |   Makers of transparent
> University of Ottawa      |                         |      mirrors for
> Ottawa,Ont. Canada K1N 6N5|  (613) 562-5800x1008    |       dyslexics.
> 



More information about the unisog mailing list