Eric et al:
Is the problem sites, or individual users on the sites? To me, its the
users who are the problem. For example, we are an educational
institution, and encourage learning in the use of computer technology. We
do not know how this learning will take place. While we have policies on
proper use, someone may be exploring and pick up a rogue shell script and
give it a try. They may not find out until after the fact that this was a
really bad idea (and stupid..they should know what they are using).
Do you kick domain *.purdue.edu off the net for this, or just the errant
user? I think we're dealing with individuals behavior, not the
institutions. I have no problem with blocking individual users out...
some should be restricted for sure!
Something to think about....
>There seems to be a large interest in this issue (15 responses in less
>than 24 hours). I assume that represents a larger group of people
>who would like to see such a list, but declined to respond to email.
>I guess this brings up the following questions:
>
> How is the list formatted?
> How do sites get on/off the list?
> Where will the list be stored? (Not on my machine!;-)
>
>I would like to suggest the following format (To be condensed and
>abbreviated later)
>
> # of complaints|Date of last
>Site Name | Site type| received by me |complaint |Probe types|Comments
>----------|----------|----------------|-------------|-----------|--------
>netcom.com|Pub Acc. | 3 | 8/24/94 |sendmail |Very aggressive against crackers/SLIP lines
>
>Site types:
>-----------
>K12 K-12th grade school
>JC Junior college
>U University/college
>PA Public Access
>C Commercial site
> More to be defined later
>
>Probe Types:
>------------
>SM Sendmail
>FR rsh with -froot
>FTP Attempted FTP snarf
>BL Bogus logins (guest/root/bbs/games/etc.)
> More to be defined later....
>
>A site gets put on the list once it is reported to the list maintainer by root
>at a site. (This at least gives us a little bit of verification.)
>
>A site, once on the list, stays on the list until that site is off the net.
>This is why the date field exists.
>
>And I am very interested in keeping this list of off my site if at all possible.
>
>
>Any comments?
>
>
>>>>Ericw
>
>
----------------------------------------------------------------------
Internet: mshines @
ia .
purdue .
edu | Michael S. Hines
Bitnet: michaelh @
purccvm | Sr. Information Systems Auditor
Purdue WIZARD Mail: MSHINES | Purdue University
GTE Net Voice: (317) 494-5845 | 1065 Freehafer Hall
GTE Net FAX: (317) 496-1814 | West Lafayette, IN 47907-1065
CompuServe: 73240,1631 |
America On-Line: mysterios |
Follow-Ups:
|
|
