[unisog] CHE 3/15: The Growing Vulnerability of Campus Networks

Paul Schmehl pauls at utdallas.edu
Tue Mar 12 19:14:16 GMT 2002

Comments inline.

--On Monday, March 11, 2002 1:16 PM -0800 Tom Perrine 
<tep at SDSC.EDU> wrote:
> We are at the point where the only reason to notice scans
> is for our security research, to generate some statistics
> and to "prove" that we still need to "do" security.
We are too, and this concerns me.  I worry that we are 
missing something serious amidst all the "noise".  One 
thing is for sure.  We need better tools to sift the wheat 
from the chaff, because the level of traffic is making "the 
old ways" highly inefficient.

> <Cynicism>
> Reporting these scans to J. Random ISP in the US or
> anywhere is almost always a waste of time.  All the
> people who care have worked hard to fix their systems and
> you won't get scanned from them, and those that haven't
> fixed their systems are never going to.
> </Cynicism>

Our experience is the same here as well, and that also 
concerns me.  ISTM that at some point these networks need 
to clean up their act.  If it doesn't happen voluntarily, 
then expect governments to step in and "solve" the problem, 
and that worries me more than anything.

Paul Schmehl (pauls at utdallas.edu)
Supervisor of Support Services
The University of Texas at Dallas
AVIEN Founding Member

More information about the unisog mailing list