[unisog] CHE 3/15: The Growing Vulnerability ofCampus Networks

H. Morrow Long morrow.long at yale.edu
Mon Mar 11 18:38:18 GMT 2002

Paul Schmehl wrote:
> I found it discouraging.  They make it sound like we are
> populated by technical dummies who have no hope of
> understanding security.  I think there's no question that
> we have a problem we need to deal with, but that's a long
> way from saying we're incompetent or don't care.

And we have be doing a lot in recent years to work on the problem,
both on our individual networks and as a group -- though we can do more.

> We've had this argument before here, and I still maintain
> that colleges and universities are not nearly as big a
> problem as "home" networks (large DSL pools of completed
> unprotected machines.)

Quite true.  And I would add that many small ISPs and web hosting
companies are hardly well protected IMHO.  I see probes and attacks
coming from commercial web servers, ISPs and other countries all the time.

I think that the same misperception holds w.r.t. Higher Ed nets and P2P
file stealing (oops, I meant file sharing...) applications.  Sometimes
I think that P2P apps (Kazaa, Morpheus, AudioGalaxy) are a major (if not
the main) reason for the existence of a market for high speed Internet
access in the home.

However, we (Universities) are an easier target for people to complain
about than amorphous and diluted groups of high speed DSL/cable users.

And I would venture to say that some Universities are likely easier
targets for cr/hackers looking for vulnerable NT/W2K and Unix/Linux
hosts to compromise and take over.  In particular I'd say that our IP
networks may be more concentrated "target-rich" environments for someone
looking for these platforms.

If you were going to look for hosts to break into, would you start
running scans over the 'sparse' target-poor network blocks belonging
to cable ISPs or would you look up a few university network numbers
in whois at ARIN and scan them -- depending on whether one was looking
for NT/W2K Wks/Pro/Server and Unix/Linux servers or if one were looking
for vulnerable Windows 9x/ME/XP Home Edition.  A thought - we should
"war game" this at a conference on higher-ed infosec sometime.

- Morrow

> --On Monday, March 11, 2002 10:55 AM -0500 "H. Morrow Long"
> <morrow.long at yale.edu> wrote:
> > http://chronicle.com/free/v48/i27/27a03501.htm
> Paul Schmehl (pauls at utdallas.edu)
> Supervisor of Support Services
> The University of Texas at Dallas
> AVIEN Founding Member
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 2578 bytes
Desc: S/MIME Cryptographic Signature
Url : http://www.dshield.org/pipermail/unisog/attachments/20020311/1b18b7c1/smime-0006.bin

More information about the unisog mailing list