[unisog] Sightly OT: Re: [unisog] University virus-writing
Phillip G Deneault
deneault at WPI.EDU
Thu May 29 20:47:56 GMT 2003
On Thu, 29 May 2003, Pascal Meunier wrote:
> On 5/28/03 7:59 PM, "Phillip G Deneault" <deneault at WPI.EDU> wrote:
> > I had a professor who was interested in creating a research project. It
> > was to be a grand security system encompassing dynamic intrusion
> > detection, malware defeating agents, and some kind of unspecified
> > central management system. I read his proposals and his timetables. At
> > its peak, the project would employ or involve no less than 20 people
> > including about a dozen grad students, several full time staff members,
> > and about a half-dozen faculity. The project would run its course over
> > four years.
> This sounds more like a software engineering project than a research
> project; if so it should be funded by venture capitalists and not research
> money. Is he a software engineer who has been involved in a project of this
> magnitude before?
> Do they have a professional, full-time project manager
> (not a faculty member) worth his salt?
The plan is to hire one but I don't know who so I cannot comment on
> People tend to underestimate
> software development, management, architecture, support and security
Which I think it something that has happened, or at the very least I think
the professor is underestimating the amount of work necessary for running
this project. Even the timetable(4 years) seems small when you consider
the fact that grad students are on a 2-3 year rotation and if anyone
leaves(student or staff) there'll be at least 6 months of training on the
project to bring someone else fully up to speed.
> I think I understand your concerns, and if I was involved, I'd question why
> the live remote testing is needed, and suggest instead that they have a
> remotely accessible isolated test environment, where they would login using
> ssh or ssl into a single box that would firewall them off and serve their
> requests and present them with the results.
When I suggested this concept to the professor when this was still in the
very early planning stages, I was looked at with shock. That I even
suggested an isolated environment was to invite demons from the beyond
into the room. We have a public class B with very little in the way of
firewall rules. Sometimes, when I suggest that people need to be
responsible for their actions even on an educational network, people
overreact(and sometimes underreact).
> Live attacks on the internet
> sound like a very bad idea. There *will* be bugs in their attack software,
> and bad commands *will* be entered. People need to be protected from them.
I agree, but how do I explain this idea to someone who doesn't seem to
understand information and network security? When I suggested what you
mentioned above, I think he took it as an insult, as if he'd never made a
mistake in his life.
Phil Deneault "We work in the dark, We do what we can,
deneault at wpi.edu We give what we have. Our doubt is our passion,
WPI NetOps and our passion is our task. The rest is the
InfoSec maddness of art." - Henry James
More information about the unisog