[unisog] Appropriate University/Internet blocks

Gasper, Rick rjgasper at kings.edu
Wed Jun 16 15:18:31 GMT 2004


We had blocked all udp packets to the dorms (except dns, dhcp). That
broke a bunch of things (gaming comes to mind), but it shut down a P2p
app we couldn't contain. IT also stopped a couple of viruses as well.

We are probably going to reopen the ports in the fall.

Rick Gasper
Manager Network Services
King's College
Wilkes-Barre PA 18711
rjgasper at kings.edu
PH:  570-208-5845
Fax: 570-208-6072

-----Original Message-----
From: unisog-bounces at lists.sans.org
[mailto:unisog-bounces at lists.sans.org] On Behalf Of Tom Conley
Sent: Wednesday, June 16, 2004 10:21 AM
To: SECURITY at LISTSERV.EDUCAUSE.EDU; UNIversity Security Operations Group
Cc: watkins at ohio.edu; thomasj4 at ohio.edu; reid at ohio.edu
Subject: [unisog] Appropriate University/Internet blocks

This is a hackneyed old question, but one we are still struggling with:

What is the appropriate level of filtering or port blocking at A 
University/Internet border?

Specifically, what ports or packets are y'all (other universities) 
currently blocking?  Do you have router configurations that you can
share? 
Do you use an IP blacklist?  Are the "blacklist" and "ports list"
permanent 
or do the blocks "time out" automatically?  How do you manage all this?

It seems [obvious] that the recommendations made for other industries
are 
not generally accepted at universities.  But what is acceptable?

Any feedback is appreciated.  Feel free to contact me off-list if you 
prefer.

Thanks.

Tom

Tom Conley, CISSP
Network Security
Ohio University
740.593.2264
conleyt at ohio.edu
security at ohio.edu
_______________________________________________
unisog mailing list
unisog at lists.sans.org
http://www.dshield.org/mailman/listinfo/unisog




More information about the unisog mailing list