Educause Security Discussion mailing list archives
Re: Sniffer notification
From: "Dan Schneider (Network Administrator)" <DSchneider () DOANE EDU>
Date: Tue, 23 Mar 2004 10:52:12 -0600
We have the same problem. My guess would be tons of Spyware on their PC's. Late last fall, we gave the RD's and RA's CDs with anti-Spyware products (i.e., Spybot, Adaware, etc...) and had them have students install it on their PCs. This has helped calm down mysterious traffic from dorms quite a bit. We also install it on staff/faculty PCs religiously now. ********************************************* Dan Schneider, Network Administrator Doane College 1014 Boswell Ave. Crete, NE 68333 VOICE: (402) 826-8298 E-MAIL: DSchneider () doane edu ********************************************* -----Original Message----- From: Cal Frye [mailto:cjf () CALFRYE COM] Sent: Tuesday, March 23, 2004 10:28 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Sniffer notification At the moment, we have several dorms complaining of general network congestion or sluggishness, including the inability to maintain connections with some of our own servers. We've checked wiring, switch configuration, errors on the ports, much statistical and aggregate analysis. We're searching for signs of specific troubles in client-server connections, which pretty much means we need to sniff traces and see what's going on. Could be virus-related activity that is blocked from campus upstream, might be within-dorm P2P activity we're also not seeing. We want to work with some of the squeakiest wheels and see what's interrupting their attempts to contact our servers. --Cal Frye, Network Administrator, Oberlin College www.ouuf.org, www.calfrye.com "What a school thinks about libraries is a measure of what it thinks about education" Doug Sandford wrote:
I would be interested to know what circumstances led you and others to
move forward with the Sniffer project. Several factions here have resisted the process because of perceived privacy issues, thus the delay/hesitancy. Was your decision driven by the recent spate of virus
and 'compromised host' issues?
********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
Current thread:
- Sniffer notification Cal Frye (Mar 23)
- <Possible follow-ups>
- Re: Sniffer notification Doug Sandford (Mar 23)
- Re: Sniffer notification Matthew Keller (Mar 23)
- Re: Sniffer notification Richard Gadsden (Mar 23)
- Re: Sniffer notification Tracy Mitrano (Mar 23)
- Re: Sniffer notification Brian Reilly (Mar 23)
- Re: Sniffer notification Neil_Sachnoff (Mar 23)
- Re: Sniffer notification Cal Frye (Mar 23)
- Re: Sniffer notification Dan Schneider (Network Administrator) (Mar 23)
- Re: Sniffer notification Doug Sandford (Mar 23)
- Re: Sniffer notification Cal Frye (Mar 23)
- Re: Sniffer notification David L. Wasley (Mar 23)
- Re: Sniffer notification Cal Frye (Mar 23)
- Re: Sniffer notification Carol Myers (Mar 23)
- Re: Sniffer notification Brian Reilly (Mar 23)
- Re: Sniffer notification Brian Kaye (Mar 24)
- Re: Sniffer notification Brian Eckman (Mar 24)
- Re: Sniffer notification Bruggeman, John (Mar 24)