I have to agree with David. The person with the most firewalls won't win the battle. Diversity is good - security in layers. I'm always scared of that user that comes in from vacation then jacks into the network. Today I went out to all the little programs to update their computers. I also try to keep the users posted about this stuff, especially the RNESU office staff. Education and awareness goes a long way. My two bytes about Microsoft -- Microsoft has some great tools. They are un-secure in the wrong hands, just like Linux and FreeBSD. I read somewhere that Linux hacks are on the rise - may have been The Register. As more people adopt Linux you will start to see this type of activity increase. Since MS has most of the market share they are the target and like David said we should diversify to deflect attacks suck as the sasser worm. This was the first year I attended the conference at South Burlington and I came away with a lot to think about. You guys are awesome and did a great job! Plus I won an hour of Lambert's time! Thanks, Paul Wood RNESU -----Original Message----- From: School Information Technology Discussion [mailto:[log in to unmask]] On Behalf Of Dave Tisdell Sent: Tuesday, May 04, 2004 4:17 PM To: [log in to unmask] Subject: Re: Security Dennis, I respectfully disagree. A firewall is not a guarantee of protection. It is a vitally important security component but really savvy people can find ways around them. More importantly, It does not protect against the mobile user that has been outside your network, gotten infected with something, and then plugs into your network. If it is a worm, it will immediately begin scanning for open ports and replicate itself on any machine that does not have virus signature files and/or patches up to date. A firewall will also not protect against the user who deliberately unleashes some sort of attack from within. I suppose this begs the question of whether or not we should put a personal firewall on every computer. Personally, I want a product that does not have a big red sign on it that says "attack me". Even if you are a master at firewalls, you have to have ports open to communicate on the internet. If any kind of data can get in, it is possible for the bad stuff to get in. Firewalls only minimize the risk. They don't eliminate it. Micro$oft says that security is their top priority. I still don't see it. Every security class and conference I have ever attended has talked about the importance of platform diversity. Any attack that is an executable must be compiled to run in a particular platform. With diversity, you won't see the kind of disruptions that we have seen over the last few years with Melissa, code red, nimda, Bagle, slammer, etc. It is not good for any vendor to own 90+ percent of the market; whether it be M$, Apple, Linux, Sun etc. Right now, every mid-sized or larger network could employ a person full time devoted to security and we still wouldn't cover all of the bases. Dave David Tisdell. Computer Coordinator Mt. Mansfield Union High School 211 Browns Trace Jericho, VT 05465 802-899-4690 (Voice) 802-899-2904 (Fax) [log in to unmask] (e-mail) >>> [log in to unmask] 5/4/2004 2:36:19 PM >>> Dave, Have a good firewall and know how to manage it and the OS platform on the computer does not matter. Dennis Beloin -----Original Message----- From: Dave Tisdell [mailto:[log in to unmask]] Sent: Tuesday, May 04, 2004 1:13 PM To: [log in to unmask] Subject: Security Hi all, After last Friday's conference at South Burlington, Security has been on my mind even more than usual. Just today, I had my antivirus software popup and tell me it had taken care of an infection attempt by sasser. My paranoia level went up even more than usual. Since we centrally manage our antivirus updates, how did a machine get infected that was trying to infect other machines on our network? Simply by chance, I came across a mobile user from central office who had plugged into our network and was infected. This mobile user goes to most of the schools in the district and uses dial up from home. The machine is set to get its updates directly from symantec. The signature file in use was only a few days old but too old for sasser. If as a group of technology people we could get away from a Windows centric view of the world, we would be much better off security wise. Just like Bio diversity, platform diversity is healthy. We invest huge amounts of dollars into security and virus protection (more on that than enhancement of instruction). If we had more platform diversity, it would make things tougher for the bad guys. I would like to have all my mobile users like the case I mentioned at the beginning be either on Macs or Linux laptops. They would be much less likely to be the target of the latest worm on the net. Unfortunately, many tech support people walk around saying I hate ______(fill in platform of choice). Should we be so closed minded (I have to admit an antimicrosoft bias)? If we had diversity, we might not have to scramble so much when the latest threat pops up. Let the discussion begin!!!! Dave P.S sorry for the cross posts David Tisdell. Computer Coordinator Mt. Mansfield Union High School 211 Browns Trace Jericho, VT 05465 802-899-4690 (Voice) 802-899-2904 (Fax) [log in to unmask] (e-mail) This e-mail may contain information protected under the Family Educational Rights and Privacy Act (FERPA). If this e-mail contains student information and you are not entitled to access such information under FERPA, please notify the sender. Federal regulations require that you destroy this e-mail without reviewing it and you may not forward it to anyone. This e-mail may contain information protected under the Family Educational Rights and Privacy Act (FERPA). If this e-mail contains student information and you are not entitled to access such information under FERPA, please notify the sender. Federal regulations require that you destroy this e-mail without reviewing it and you may not forward it to anyone.