sasser virus (was Re: [unisog] student fees for cleaning.)

Gary Flynn flynngn at jmu.edu
Sat May 8 17:23:22 GMT 2004


John Kristoff wrote:

>This stuff is all great and many institutions are moving to an automated
>scan on attachment/authentication system.  This will help a lot, but as
>something like the XP firewall gets enabled by default it will be harder
>to tell if a system is in fact compromised.
>
This is true but an agent based system on the client, whether a domain
login or something else, can still detect problems. NIDS in general will
go the way of the dodo as more and more things get encrypted and use
HTTP. Everything will be host based or need a common SSL termination
point. We'll be back to securing the hosts instead of trying to secure the
perimeter. :)

Some will say that agents are intrusive but we're finally going to have
to start thinking about the desktop as part of the IT infrastructure
instead of separately maintained appendages. Student machines aren't
as cut and dried but if they're on an institution's network, I think the
institution has some right to decide what configuration and software
needs to be running to protect the institution's network.






More information about the unisog mailing list