Educause Security Discussion mailing list archives
Lowering the risk of email hoaxes
From: Kathie Brinkman <brinkmkb () MUOHIO EDU>
Date: Fri, 7 Mar 2003 17:36:08 -0500
I am with Miami University and we have formed a swat team, in reaction to an incident that occurred on our campus this past week - a student, purporting to be the president of the university, sent email to 31,000 email accounts stating that classes were cancelled for the following day. By the end of next week, we will be submitting a report to Miami management on how to lower the risk of email hoaxes. We all know that this is not a simple issue, for a number of reasons. Our current environment is as follows: 1- any student in a residence hall can connect any machine to our wired network; we do not require a MAC registration 2- anyone coming on to campus can connect to our wireless access points without authentication; we syslog the WAPs 3- we control the mail servers on campus (or have trusted departments that control departmental servers) 4- we track ip address assignments issued by our DHCP server (but the assignments are not logged for more than a few days) There is a lot of opportunity for improvement in the environment, but I would like to know what other institutions have found most useful. And, I would be interested in knowing if anyone uses PGP for critical messages. Thanks for your assistance. (Please excuse the duplicate email messages, for those of you who are on both the HDI-EDU and the Educause Security lists). _______________________________ Kathleen B. Brinkman Senior Manager, MCIS Support Desk 312-A Hoyt Hall, Miami University mailto: brinkmkb () muohio edu voice: 513.529.5947 fax: 513.529.1496 ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/memdir/cg/.
Current thread:
- Lowering the risk of email hoaxes Kathie Brinkman (Mar 07)
- <Possible follow-ups>
- Re: Lowering the risk of email hoaxes St. Laurent, Tim (Mar 07)
- Re: Lowering the risk of email hoaxes Gary Dobbins (Mar 08)
- Re: Lowering the risk of email hoaxes Kathie Brinkman (Mar 10)