funsec mailing list archives
Re: on the university problem
From: Jordan Wiens <numatrix () ufl edu>
Date: Mon, 13 Aug 2007 12:16:14 -0400
Not only that, but you also have to weed out the legitimate sites. For example, I found a number of universities discussing comment spam on lists in email, in blogs, etc, that weren't spammed themselves. It seems that universities are more likely to be discussing such things on the web than .gov (baring maybe FDA and /maybe/ FTC) domains, so I don't know that that's a valid measure.
-- Jordan Wiens, CISSP UF Network Security Engineer (352)392-2061 On Aug 13, 2007, at 12:00 PM, Sean Donelan wrote:
That assumes that all government sites have network addresses with .gov or for that matter all educational organizations have .edu.Unfortunately, unless you find out the account owner from the ISP oftentimes you don't know the real organization type behind it. A lot of small government branch offices use dsl/modem connections. On Mon, 13 Aug 2007, Alex Eckelberry wrote:It's fairly easy to test this, just run Google searches on various porn terms or sleazy marketing terms (free casino, free ringtones, etc.) with site:.edu or site:.gov as operators. It's clear it's far, far more of aproblem in the .edu space than at least .gov, largely because of the reasons everyone knows (unpatched open source, etc.). -----Original Message----- From: Sean Donelan [mailto:sean () donelan com] Sent: Monday, August 13, 2007 11:04 AM To: Jordan Wiens Cc: Alex Eckelberry; funsec () linuxbox org Subject: Re: [funsec] on the university problem On Sun, 12 Aug 2007, Jordan Wiens wrote:Now if anyone wants to gather some /real numbers/ showing Universitiesare or aren't more of a problem, maybe we can stop making up guesses one way or the other.Universities are probably not any more OR less of a problem than any other organization with connections to the Internet. Fortune 1000,government, non-profits, for-profits, domestic, international, etc. Youname it and they probably have had, have or will have a problem. Even "Internet security consultants" have had bugs, lost laptops, compromised computers, fraud and theft happen.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- on the university problem Alex Eckelberry (Aug 10)
- Re: on the university problem Jordan Wiens (Aug 12)
- Re: on the university problem Dude VanWinkle (Aug 12)
- Re: on the university problem Dude VanWinkle (Aug 12)
- Re: on the university problem Valdis . Kletnieks (Aug 12)
- Re: on the university problem Dude VanWinkle (Aug 12)
- Re: on the university problem Sean Donelan (Aug 13)
- RE: on the university problem Alex Eckelberry (Aug 13)
- RE: on the university problem Sean Donelan (Aug 13)
- Re: on the university problem Valdis . Kletnieks (Aug 13)
- Re: on the university problem Jordan Wiens (Aug 13)
- Re: on the university problem Valdis . Kletnieks (Aug 13)
- Re: on the university problem Sean Donelan (Aug 13)
- Re: on the university problem Jordan Wiens (Aug 13)
- Re: on the university problem Jordan Wiens (Aug 12)
- Re: on the university problem Jeff Kell (Aug 14)
- Re: on the university problem Robert Kim Wireless Internet Advisor (Aug 13)