RE: on the university problem

[Sean Donelan <sean () donelan com>]

That assumes that all government sites have network addresses with .gov 
or for that matter all educational organizations have .edu.

Unfortunately, unless you find out the account owner from the ISP often
times you don't know the real organization type behind it.  A lot of
small government branch offices use dsl/modem connections.


On Mon, 13 Aug 2007, Alex Eckelberry wrote:
> It's fairly easy to test this, just run Google searches on various porn
> terms or sleazy marketing terms (free casino, free ringtones, etc.) with
> site:.edu or site:.gov as operators.  It's clear it's far, far more of a
> problem in the .edu space than at least .gov, largely because of the
> reasons everyone knows (unpatched open source, etc.).
>
> -----Original Message-----
> From: Sean Donelan [mailto:sean () donelan com]
> Sent: Monday, August 13, 2007 11:04 AM
> To: Jordan Wiens
> Cc: Alex Eckelberry; funsec () linuxbox org
> Subject: Re: [funsec] on the university problem
>
> On Sun, 12 Aug 2007, Jordan Wiens wrote:
> > Now if anyone wants to gather some /real numbers/ showing Universities
>
> > are or aren't more of a problem, maybe we can stop making up guesses
> > one way or the other.
>
> Universities are probably not any more OR less of a problem than any
> other organization with connections to the Internet.  Fortune 1000,
> government, non-profits, for-profits, domestic, international, etc.  You
> name it and they probably have had, have or will have a problem.
>
> Even "Internet security consultants" have had bugs, lost laptops,
> compromised computers, fraud and theft happen.
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.