[unisog] Server based scan for student computers

Kent Percival percival at uoguelph.ca
Tue May 17 16:47:11 GMT 2005

> -----Original Message-----
> From: unisog-bounces at lists.sans.org [mailto:unisog-bounces at lists.sans.org] On Behalf Of
Paul Seward
> That sounds very much like what we do on our ResNet.  Currently we're
> using a (very site specific and as such not generally fit for public
> consumption) homebrew system.
> The full process goes something like:
> - machine is given a DHCP address on a registration vlan with very limited
> access (they can get to the registration server and windowsupdate but
> that's about it)

A lot of institutions have similar commercial or homebrew implementations.   One thing I'm
concerned about is the exposure on the registration vlan.   During the peak registration
period, there may be several users attempting to register at the same time.  During some
period these machines are on the same and can become aware of each other if the standard
Window's networking is enabled.  Viruses could propagate during this time and personal
information could be exposed.  We all know a lot of damage can be done in a very short
time!  How do you deal with this?


Kent Percival
Office of the CIO
University of Guelph

More information about the unisog mailing list