[unisog] Sightly OT: Re: [unisog] University virus-writing course?

Phillip G Deneault deneault at WPI.EDU
Thu May 29 03:09:17 GMT 2003

On Wed, 28 May 2003 Valdis.Kletnieks at vt.edu wrote:

> On Wed, 28 May 2003 20:59:13 EDT, Phillip G Deneault <deneault at WPI.EDU>  said:
> > If they miss(mistyping an IP), or students on either side try to attack
> > other unrelated systems(DNS, switches, routers, or other hosts) in an
> > attempt to disable or break into the project, I'll need to block those 
> > sites and point out the fact that the project is in violation of our AUP, 
> > not to mention clean up the mess.  I'd rather not do that and head of the 
> > problem at the pass.
> > 
> > Does anyone have any thoughts this problem?  Does anyone think this is 
> > lunacy or that I'm way off base?  I'd like people's 2 cents if they've 
> > come across this problem before and possibly what they did to solve it.
> Give them each a playground subnet on their campuses using a RFC1918
> address space, VPN them together, and then aggressively ingress/egress
> filter all the sandbox subnets.  That should suffice.

I appreciate the feedback, but the problem isn't so much technical in 
nature.  Its about the overall policy issues it creates, the problem of 
the lack of knowledge, and what happens after.  I'm trying to be 
proactive about the situation and fit it into an evolving security policy.

I'd also not like to throw technology at the problem if the problem is 
education or policy problems.  The mice have a tendancy to get smarter 
when I make better traps.  I don't like smart mice. :-)


Phil Deneault     "We work in the dark, We do what we can,
deneault at wpi.edu   We give what we have. Our doubt is our passion,
WPI NetOps         and our passion is our task. The rest is the
InfoSec            maddness of art." - Henry James

More information about the unisog mailing list