[unisog] Appropriate University/Internet blocks

Gasper, Rick rjgasper at kings.edu
Wed Jun 16 15:18:31 GMT 2004

We had blocked all udp packets to the dorms (except dns, dhcp). That
broke a bunch of things (gaming comes to mind), but it shut down a P2p
app we couldn't contain. IT also stopped a couple of viruses as well.

We are probably going to reopen the ports in the fall.

Rick Gasper
Manager Network Services
King's College
Wilkes-Barre PA 18711
rjgasper at kings.edu
PH:  570-208-5845
Fax: 570-208-6072

-----Original Message-----
From: unisog-bounces at lists.sans.org
[mailto:unisog-bounces at lists.sans.org] On Behalf Of Tom Conley
Sent: Wednesday, June 16, 2004 10:21 AM
To: SECURITY at LISTSERV.EDUCAUSE.EDU; UNIversity Security Operations Group
Cc: watkins at ohio.edu; thomasj4 at ohio.edu; reid at ohio.edu
Subject: [unisog] Appropriate University/Internet blocks

This is a hackneyed old question, but one we are still struggling with:

What is the appropriate level of filtering or port blocking at A 
University/Internet border?

Specifically, what ports or packets are y'all (other universities) 
currently blocking?  Do you have router configurations that you can
Do you use an IP blacklist?  Are the "blacklist" and "ports list"
or do the blocks "time out" automatically?  How do you manage all this?

It seems [obvious] that the recommendations made for other industries
not generally accepted at universities.  But what is acceptable?

Any feedback is appreciated.  Feel free to contact me off-list if you 



Tom Conley, CISSP
Network Security
Ohio University
conleyt at ohio.edu
security at ohio.edu
unisog mailing list
unisog at lists.sans.org

More information about the unisog mailing list