Slashdot Mirror

← Back to Stories (view on slashdot.org)

Securing University Residential Networks?

Posted by Cliff on from the taming-the-wilder-networks dept.

campusNetworkWatcher asks: "I work for a large University that allows wide open access to most of its networks. There is no firewall of any type, and this is not likely to change in the future. A problem spot I see are the residential networks. For the most part, it is filled with un-patched Windows machines run by non-security-centric users just waiting for the newest virus/worm/trojan. Recent events, and an onslaught of DMCA violations have caught the attention of my superiors (as well as his superiors), but there is little we can do once we track down a compromised machine. With a couple of exceptions, in a couple of departments, there is no group will to do desktop support of student machines. We can tell a user he or she is compromised, but lack the enforcement to make the user fix the problem. My group strongly advocates an open academic environment, but if the network is too open it may negatively affect the people we are running it for. I feel like this must be a problem for many other universities and was wondering how others have handled it (blanket port blocking of NetBIOS, established only traffic, or other options). I am looking for non-intrusive suggestions for protecting the network, while allowing as much access as possible to the students. Any suggestions?"

2 of 55 comments (clear)

  1. tsarkon reports - teh futare of SLASHDOT fuckers by Anonymous Coward · · Score: -1, Offtopic
    The Future of SLASHDOT.

    2002. Slashdot publishes 1,000,000th rumor passed off as actual story. The story generates 480 comments, 263 of which agree with the article, and 107 of which point out it's a rumor and are modded down as redundant. The remaining comments are all "first posts." or posts that contain any rational insight are modded "troll."

    2002. CmdrTaco married to a human female, reports are that she does not have 46 chromosomes, however. Fent does display tendency to retardation.

    2002. Slashdot parent corporation VA Research^W Linux^W Software stock worth 35 cents. Rumors that AOL, Microsoft, or even Jimmy the hobo who lives under the Longfellow Bridge may buy it.

    2003. VA Software bought by Microsoft for a cup of coffee and a donut. All Microsoft-critical articles mysteriously disappear from Slashdot. Bill Gates as Borg logo replaced with Bill Gates as God. (Taco suggested that in order to be "God," or his vision of God, Gates would have to be seen in a NAMBLA T-shirt. Luckily good taste prevails in favor of the old man image in glowing aura.)

    2004. CmdrTaco loses virginity, well, not sex with men virginity, that's long since gone, and not sex with anime blow up dolls, this time, real sex.

    2004. The WIPO Troll returns again, showering Slashdot in 45,000 copies of the same post: "Lick my crotch hairs." Slashdot, despite running on 18 redundant IIS/8.0Beta6 servers, buckles under the load. The term "Slashdotted" is replaced with "WIPO-Trolled."

    2004. Slashdot officially shut down. Millions of screaming, unwashed geeks invade Redmond campus and lynch Bill Gates.

    2005. Linus Torvalds and Anal Cox found dead along with six penguins, a tub of crisco and several used condoms. FreeBSD users are glad the insanity is dying.

    2005. CmdrTaco rumored to have had sex again, even with constant Viagra therapy, it took this long. He complains, I can be ready to go again in five minutes if I was looking at a nude man, to the dyslexic Fent.

    2006. CowboiKneel found dead in hotel room with 56 pizza boxes covering his bloated corpse. Three suffocated gay prostitutes are extracted from beneath his body as police remove it with a backhoe.

    2007. CmdrTaco actually has sex again, this time plugging Fent in the ass for a more manlike feel.

    2007. BSD is still officially "dying." No word on when its demise will take place. FreeBSD 9 is delivered in perfect working order in a coherent superior, commercially viable and useable fashion with real documentation, the same practice followed since inception. Linux lunatics, after the death of Cox, are still trying to perfect the Trident driver while ignoring the existence of the GeForce 9. Netcraft dies along with all the surveys they held on Microsoft and Linux servers are lost as well.

    2007. CmdrTaco starts new weblog to replace Slashdot, creatively named Dotslash. Remainder of Linux users flock to the site and immediate WIPO-Troll it out of existence.

    2007. Box running FreeBSD for 6 years sets world record for Unix uptime on consumer hardware.

    2008. CmdrTaco has sex with his wife for the first time without thinking of men. He has dawned on the extra sexual pick me up for his twisted mind, small children.

    A long long fucking time from now. Malda, fat, poverty-stricken, unrespected and unremembered and living in an appliance box in Michigan with a pickle jar for a toilet comes to a series of epiphanies. The 8.3 file system that made him truncate his nick to an 8 letter series of characters has long been forgotten, and he finally realizes he looks like a fag using it. He also realizes that men's asses look like tacos, especially with the beef pouring out and that his name sounds more like Commander of Ass, since one can command asses because the belong potentially to sent

  2. Show them the software license. by stienman · · Score: 0, Offtopic

    Show them the software license, specicfically section seven which may or may not apply, and sections 11 and 12 which do apply:

    Section 7 (in part): If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License.

    Section 11 (all): BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.

    Section 12 (all): IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

    So the straight answer is that the word indemnification does not occur in the license. Whether the license has no, little, or good indemnification should be judged by a lawyer. It seems as though the GPL protects those who wrote, modified, and distributed the programs in question from those who use the program, but doesn't seem to extend any special protections to those who use the program from their customers or other third parties.

    -Adam

    "I'm not a lawyer, but I play one on slashdot..."