Slashdot Mirror

← Back to Stories (view on slashdot.org)

Securing University Residential Networks?

Posted by Cliff on from the taming-the-wilder-networks dept.

campusNetworkWatcher asks: "I work for a large University that allows wide open access to most of its networks. There is no firewall of any type, and this is not likely to change in the future. A problem spot I see are the residential networks. For the most part, it is filled with un-patched Windows machines run by non-security-centric users just waiting for the newest virus/worm/trojan. Recent events, and an onslaught of DMCA violations have caught the attention of my superiors (as well as his superiors), but there is little we can do once we track down a compromised machine. With a couple of exceptions, in a couple of departments, there is no group will to do desktop support of student machines. We can tell a user he or she is compromised, but lack the enforcement to make the user fix the problem. My group strongly advocates an open academic environment, but if the network is too open it may negatively affect the people we are running it for. I feel like this must be a problem for many other universities and was wondering how others have handled it (blanket port blocking of NetBIOS, established only traffic, or other options). I am looking for non-intrusive suggestions for protecting the network, while allowing as much access as possible to the students. Any suggestions?"

1 of 55 comments (clear)

  1. Show them the software license. by stienman · · Score: 0, Offtopic

    Show them the software license, specicfically section seven which may or may not apply, and sections 11 and 12 which do apply:

    Section 7 (in part): If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License.

    Section 11 (all): BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.

    Section 12 (all): IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

    So the straight answer is that the word indemnification does not occur in the license. Whether the license has no, little, or good indemnification should be judged by a lawyer. It seems as though the GPL protects those who wrote, modified, and distributed the programs in question from those who use the program, but doesn't seem to extend any special protections to those who use the program from their customers or other third parties.

    -Adam

    "I'm not a lawyer, but I play one on slashdot..."