RPC Vulnerability: Patching Policies?

Allen Chang allen at rescomp.berkeley.edu
Fri Aug 8 07:05:16 GMT 2003


Hi everyone,

As the semester system schools get ready for the influx of residents
living in the dorms, I'm sure you're all thinking about how to handle the
Windows RPC Vulnerability on student-owned computers.

These are our preliminary ideas and we're wondering what other people have
thought of:

1) Aggressively scan the network for unpatched/compromised computers using
some sort of tool

2) Disconnect any unpatched/compromised computers from the network

3) Require patching before letting them back on.

Sounds easy in theory. But implementation is going to be a mess on a
network with 6,000 computer. A few challenges we see:

-Working hours needed to identify and remove computers

-Verifying that the computer has been patched

-Working hours needed to put them back on the network.


Allen Chang
Lead Network Security Coordinator
Office of Residential Computing
UC Berkeley



More information about the unisog mailing list