Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Sniffer notification

From: "Dan Schneider (Network Administrator)" <DSchneider () DOANE EDU>
Date: Tue, 23 Mar 2004 10:52:12 -0600
We have the same problem.  My guess would be tons of Spyware on their
PC's.  Late last fall, we gave the RD's and RA's CDs with anti-Spyware
products (i.e., Spybot, Adaware, etc...) and had them have students
install it on their PCs.  This has helped calm down mysterious traffic
from dorms quite a bit.  We also install it on staff/faculty PCs
religiously now.

*********************************************
Dan Schneider, Network Administrator
Doane College
1014 Boswell Ave.
Crete, NE  68333
VOICE:  (402) 826-8298
E-MAIL:  DSchneider () doane edu
*********************************************


-----Original Message-----
From: Cal Frye [mailto:cjf () CALFRYE COM] 
Sent: Tuesday, March 23, 2004 10:28 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Sniffer notification


At the moment, we have several dorms complaining of general network
congestion or sluggishness, including the inability to maintain
connections with some of our own servers. We've checked wiring, switch
configuration, errors on the ports, much statistical and aggregate
analysis. We're searching for signs of specific troubles in
client-server connections, which pretty much means we need to sniff
traces and see what's going on. Could be virus-related activity that is
blocked from campus upstream, might be within-dorm P2P activity we're
also not seeing.

We want to work with some of the squeakiest wheels and see what's
interrupting their attempts to contact our servers.

--Cal Frye, Network Administrator, Oberlin College
  www.ouuf.org, www.calfrye.com

   "What a school thinks about libraries is a measure of what it thinks
about education"

Doug Sandford wrote:

I would be interested to know what circumstances led you and others to



move forward with the Sniffer project. Several factions here have 
resisted the process because of perceived privacy issues, thus the 
delay/hesitancy. Was your decision driven by the recent spate of virus



and 'compromised host' issues?


**********
Participation and subscription information for this EDUCAUSE Discussion
Group discussion list can be found at http://www.educause.edu/cg/.

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.
Previous By Date Next
Previous By Thread Next

Current thread: