Educause Security Discussion mailing list archives
Re: spyware defense trick
From: Gary Dobbins <dobbins () ND EDU>
Date: Tue, 4 May 2004 13:22:15 -0500
At this point, it's more of an "academic" question. The incidence curve is up, so it may only be a matter of time, and our HelpDesk load from it is rising. Just trying to be proactive, in case this becomes a more serious jeopardy. Jere Retzer wrote:
Out of curiousity, do you/your university consider spyware a minor nuisance that your users need to deal with or something more serious that should be dealt with at an institutional level? A recent article in one of the trade papers said that institutions worried about privacy directives are concerned and looking for ways to actively address spyware. I've wondered for sometime if HIPAA should induce some action on our part. It seems like, in theory some of these agents could expose protected health information (PHI) although I know of no cases where this has happened, so I do not think we have a validated threat. ThanksTravis_Niedens () REDLANDS EDU 5/4/2004 10:50:25 AM >>>I have thought about doing this, however, I have noticed that some Spyware products like HotBar just use the IP address vs. a name. Travis -----Original Message----- From: Gary Dobbins [mailto:dobbins () ND EDU] Sent: Tuesday, May 04, 2004 10:47 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] spyware defense trick Is anyone using, or considering, using campus DNS to misdirect hostnames of known spyware-installing sites, as a way to stem the tide of this nuisance? We're handling many "infected" machines, to the point where the cost is becoming a burden. Some systemic defense is called-for. -- ------------------------------------------------------------ Gary Dobbins, CISSP -- Director, Information Security University of Notre Dame, Office of Information Technologies ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
-- ------------------------------------------------------------ Gary Dobbins, CISSP -- Director, Information Security University of Notre Dame, Office of Information Technologies ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
Current thread:
- spyware defense trick Gary Dobbins (May 04)
- <Possible follow-ups>
- Re: spyware defense trick Niedens, Travis (May 04)
- Re: spyware defense trick Jere Retzer (May 04)
- Re: spyware defense trick Gary Dobbins (May 04)
- Re: spyware defense trick Jere Retzer (May 04)
- Re: spyware defense trick Pete Hoffswell (May 04)
- Re: spyware defense trick Gary Dobbins (May 04)
- Re: spyware defense trick Cal Frye (May 06)
- Re: spyware defense trick Brian K. Wheeler (May 06)