[unisog] Sightly OT: Re: [unisog] University virus-writing course?

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Thu May 29 03:55:37 GMT 2003


On Wed, 28 May 2003 23:09:17 EDT, Phillip G Deneault said:

> I'd also not like to throw technology at the problem if the problem is 
> education or policy problems.  The mice have a tendancy to get smarter 
> when I make better traps.  I don't like smart mice. :-)

No amount of education or policy will substitute for a proper

MATCH 10/8 POLICY=DROP

when somebody slice-and-mices your campus DNS server into the config file
instead of a test DNS server.  And it isn't like *every* sysadmin on this
list hasn't every typed 'shutdown' in the wrong window, or pointed their
default route at an IBM3090 mainframe instead of a router, or similarly
chuckle-headed goof-ups. (You! Back there in the last row - I see you smirking.
You're obviously a newbie sysadmin. Your turn *will* come)....

Yes, there's a place here for policy and education as well - but they
don't substitute for providing a proper environment for testing.

Here's a good policy/education fit-in - if there are hosts that have
to have connectivity (even at different times) on the sandbox and
production nets, make sure proper policies are in place to protect against
the accidental escape of malware. 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/unisog/attachments/20030528/d41c59aa/attachment-0003.bin


More information about the unisog mailing list