[unisog] Server based scan for student computers
hhoffman at ip-solutions.net
Fri May 13 18:44:50 GMT 2005
We do this currently using Linux, Apache, Squid, SquidGuard, Nessus, and
It works pretty well but there are some gotchas in terms of checking for
virus updates, and OS updates (ie -> user downloaded them but didn't
actually apply them). Also, with the advent of per-host firewalls
scanning them with Nessus becomes a real pain (for little result?).
Ideally a program that they download and run which sends the results
somewhere would, potentially, be much more reliable. That is until
someone figures out how-to subvert that process.
One of my colleagues is currently undertaking the re-writing of our
codebase into something we can distribute (unleash upon) to the public.
The timeframe for this is at least 3months away but if anyone is
interested we can post here when it's done.
Andy Druda wrote:
> We are looking to setup a browser-based (at least the entry point)
> system which new student's computers will be directed to until they are
> registered. We want to check for anti-virus software, updates for such,
> presence of: viruses, current patches and other security problems.
> We would rather not have the expense of a commercial product but we are
> not even sure what some of the commercial products actually do so they
> may even be worth some cost.
> Once certified as safe the student will then be led to a registration
> system which will place them in the normal resnet VLAN.
> Can some of you who do this tell me what your using?
More information about the unisog