RPC Vulnerability: Patching Policies?
allen at rescomp.berkeley.edu
Fri Aug 8 07:05:16 GMT 2003
As the semester system schools get ready for the influx of residents
living in the dorms, I'm sure you're all thinking about how to handle the
Windows RPC Vulnerability on student-owned computers.
These are our preliminary ideas and we're wondering what other people have
1) Aggressively scan the network for unpatched/compromised computers using
some sort of tool
2) Disconnect any unpatched/compromised computers from the network
3) Require patching before letting them back on.
Sounds easy in theory. But implementation is going to be a mess on a
network with 6,000 computer. A few challenges we see:
-Working hours needed to identify and remove computers
-Verifying that the computer has been patched
-Working hours needed to put them back on the network.
Lead Network Security Coordinator
Office of Residential Computing
More information about the unisog