All AIS Servers and Workstations are being protected by the Intrusion Prevention System. There are currently a couple of exceptions to that right now do to some notifications not being totally completed, but 99% of our systems are currently behind the IPS. AIS is responseible for most administrative systems of the university including SIS, Stuinfo, Financials, etc. A more detailed list of our services can be found at http://ntweb1.ais.msu.edu/d5211/services.htm . In addition we host several dozen servers for clients such as Human Resources, Housing, Registrar, Financial Aid, and Admissions to name a few. I believe there are desires to implement something on a larger scale, but I don't know that they have come to fruition yet at this point. Our implementation was done independent of anything ACNS is planning to do for the entire campus, although we have been sharing information about our implementation and what we are seeing with ACNS. -tim _____ Timothy D. First, MCSE, CNA [log in to unmask] Sr. Information Technologist (517) 353-4420 x335 Administrative Information Services Fax: (517) 355-5176 Michigan State University -----Original Message----- From: Lee Duynslager [mailto:[log in to unmask]] Sent: Monday, August 30, 2004 1:30 PM To: [log in to unmask] Subject: [MSUNAG] Description: AIS implementing Intrusion Prevention System I notice that AIS is implementing an IPS intrusion prevention system. If so, what systems is AIS responsible for which will be protected by this IPS? Are there any plans in the near future to implement such a system for the whole msu.edu domain? See Link Below: http://contact.cl.msu.edu/status/status_detail.php?id=000000000000410 Lee Duynslager Lee Duynslager Information Technologist Integrated Plant Systems Michigan State University (517) 432-5296 _____ This message has been sanitized - it may have been altered to improve security, as described below. Sanitizer (start="1093886002"): Part (pos="2227"): SanitizeFile (filename="unnamed.txt", mimetype="text/plain"): Match (names="unnamed.txt", rule="2"): Enforced policy: accept Part (pos="598"): SanitizeFile (filename="unnamed.txt", mimetype="text/plain"): Match (names="unnamed.txt", rule="2"): Enforced policy: accept Part (pos="659"): SanitizeFile (filename="unnamed.txt", mimetype="text/plain"): Match (names="unnamed.txt", rule="2"): Enforced policy: accept Part (pos="590"): SanitizeFile (filename="unnamed.txt", mimetype="text/plain"): Match (names="unnamed.txt", rule="2"): Enforced policy: accept Part (pos="677"): SanitizeFile (filename="unnamed.txt", mimetype="text/plain"): Match (names="unnamed.txt", rule="2"): Enforced policy: accept Part (pos="527"): SanitizeFile (filename="unnamed.txt", mimetype="text/plain"): Match (names="unnamed.txt", rule="2"): Enforced policy: accept Part (pos="526"): SanitizeFile (filename="unnamed.txt", mimetype="text/plain"): Match (names="unnamed.txt", rule="2"): Enforced policy: accept Part (pos="525"): SanitizeFile (filename="unnamed.txt", mimetype="text/plain"): Match (names="unnamed.txt", rule="2"): Enforced policy: accept Part (pos="718"): SanitizeFile (filename="unnamed.txt", mimetype="text/plain"): Match (names="unnamed.txt", rule="2"): Enforced policy: accept Part (pos="518"): SanitizeFile (filename="unnamed.txt", mimetype="text/plain"): Match (names="unnamed.txt", rule="2"): Enforced policy: accept Part (pos="758"): SanitizeFile (filename="unnamed.txt", mimetype="text/plain"): Match (names="unnamed.txt", rule="2"): Enforced policy: accept Part (pos="523"): SanitizeFile (filename="unnamed.txt", mimetype="text/plain"): Match (names="unnamed.txt", rule="2"): Enforced policy: accept Part (pos="4392"): SanitizeFile (filename="unnamed.html", mimetype="text/html"): Match (rule="default"): Enforced policy: accept Note: Styles and layers give attackers many tools to fool the user and common browsers interpret Javascript code found within style definitions. References: - http://www.securityfocus.com/bid/630 - http://archives.indenial.com/hypermail/bugtraq/2001/January2001/0512.htm l Rewrote HTML tag: >>_style_0 _/STYLE_<< as: >>_MODIFIED_style_0 _/STYLE_<< Rewrote HTML tag: >>_DIV dir=ltr align=left_<< as: >>_p__MODIFIED_DIV dir=ltr align=left_<< Rewrote HTML tag: >>_SPAN class=405170617-30082004_<< as: >>_MODIFIED_SPAN class=405170617-30082004_<< Rewrote HTML tag: >>_/SPAN_<< as: >>_/MODIFIED_SPAN_<< Rewrote HTML tag: >>_/DIV_<< as: >>_/p__MODIFIED_DIV_<< Rewrote HTML tag: >>_DIV dir=ltr align=left_<< as: >>_p__MODIFIED_DIV dir=ltr align=left_<< Rewrote HTML tag: >>_SPAN class=405170617-30082004_<< as: >>_MODIFIED_SPAN class=405170617-30082004_<< Rewrote HTML tag: >>_/SPAN_<< as: >>_/MODIFIED_SPAN_<< Rewrote HTML tag: >>_/DIV_<< as: >>_/p__MODIFIED_DIV_<< Rewrote HTML tag: >>_DIV dir=ltr align=left_<< as: >>_p__MODIFIED_DIV dir=ltr align=left_<< Rewrote HTML tag: >>_SPAN class=405170617-30082004_<< as: >>_MODIFIED_SPAN class=405170617-30082004_<< Rewrote HTML tag: >>_/SPAN_<< as: >>_/MODIFIED_SPAN_<< Rewrote HTML tag: >>_/DIV_<< as: >>_/p__MODIFIED_DIV_<< Rewrote HTML tag: >>_DIV_<< as: >>_p__MODIFIED_DIV_<< Rewrote HTML tag: >>_/DIV_<< as: >>_/p__MODIFIED_DIV_<< Rewrote HTML tag: >>_DIV align=left_<< as: >>_p__MODIFIED_DIV align=left_<< Rewrote HTML tag: >>_/DIV_<< as: >>_/p__MODIFIED_DIV_<< Rewrote HTML tag: >>_DIV align=left_<< as: >>_p__MODIFIED_DIV align=left_<< Rewrote HTML tag: >>_/DIV_<< as: >>_/p__MODIFIED_DIV_<< Rewrote HTML tag: >>_DIV align=left_<< as: >>_p__MODIFIED_DIV align=left_<< Rewrote HTML tag: >>_/DIV_<< as: >>_/p__MODIFIED_DIV_<< Rewrote HTML tag: >>_DIV align=left_<< as: >>_p__MODIFIED_DIV align=left_<< Rewrote HTML tag: >>_/DIV_<< as: >>_/p__MODIFIED_DIV_<< Rewrote HTML tag: >>_DIV align=left_<< as: >>_p__MODIFIED_DIV align=left_<< Rewrote HTML tag: >>_/DIV_<< as: >>_/p__MODIFIED_DIV_<< Rewrote HTML tag: >>_DIV align=left_<< as: >>_p__MODIFIED_DIV align=left_<< Rewrote HTML tag: >>_/DIV_<< as: >>_/p__MODIFIED_DIV_<< Rewrote HTML tag: >>_DIV align=left_<< as: >>_p__MODIFIED_DIV align=left_<< Rewrote HTML tag: >>_/DIV_<< as: >>_/p__MODIFIED_DIV_<< Rewrote HTML tag: >>_DIV_<< as: >>_p__MODIFIED_DIV_<< Rewrote HTML tag: >>_/DIV_<< as: >>_/p__MODIFIED_DIV_<< Rewrote HTML tag: >>_DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left_<< as: >>_p__MODIFIED_DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left_<< Rewrote HTML tag: >>_/DIV_<< as: >>_/p__MODIFIED_DIV_<< Rewrote HTML tag: >>_DIV_<< as: >>_p__MODIFIED_DIV_<< Rewrote HTML tag: >>_/DIV_<< as: >>_/p__MODIFIED_DIV_<< Rewrote HTML tag: >>_DIV dir=ltr align=left_<< as: >>_p__MODIFIED_DIV dir=ltr align=left_<< Rewrote HTML tag: >>_SPAN class=754252515-30082004_<< as: >>_MODIFIED_SPAN class=754252515-30082004_<< Rewrote HTML tag: >>_/SPAN_<< as: >>_/MODIFIED_SPAN_<< Rewrote HTML tag: >>_/DIV_<< as: >>_/p__MODIFIED_DIV_<< Rewrote HTML tag: >>_DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left_<< as: >>_p__MODIFIED_DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left_<< Rewrote HTML tag: >>_/DIV_<< as: >>_/p__MODIFIED_DIV_<< Rewrote HTML tag: >>_DIV_<< as: >>_p__MODIFIED_DIV_<< Rewrote HTML tag: >>_/DIV_<< as: >>_/p__MODIFIED_DIV_<< Rewrote HTML tag: >>_DIV_<< as: >>_p__MODIFIED_DIV_<< Rewrote HTML tag: >>_/DIV_<< as: >>_/p__MODIFIED_DIV_<< Rewrote HTML tag: >>_DIV_<< as: >>_p__MODIFIED_DIV_<< Rewrote HTML tag: >>_/DIV_<< as: >>_/p__MODIFIED_DIV_<< Rewrote HTML tag: >>_DIV_<< as: >>_p__MODIFIED_DIV_<< Rewrote HTML tag: >>_/DIV_<< as: >>_/p__MODIFIED_DIV_<< Rewrote HTML tag: >>_BLOCKQUOTE dir=ltr style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px"_<< as: >>_BLOCKQUOTE dir="ltr" MODIFIED_style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px"_<< Rewrote HTML tag: >>_DIV style="FONT: 10pt arial"_<< as: >>_p__MODIFIED_DIV style="FONT: 10pt arial"_<< Rewrote HTML tag: >>_/DIV_<< as: >>_/p__MODIFIED_DIV_<< Rewrote HTML tag: >>_DIV style="BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: black"_<< as: >>_p__MODIFIED_DIV style="BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: black"_<< Rewrote HTML tag: >>_/DIV_<< as: >>_/p__MODIFIED_DIV_<< Rewrote HTML tag: >>_DIV style="FONT: 10pt arial"_<< as: >>_p__MODIFIED_DIV style="FONT: 10pt arial"_<< Rewrote HTML tag: >>_/DIV_<< as: >>_/p__MODIFIED_DIV_<< Rewrote HTML tag: >>_DIV style="FONT: 10pt arial"_<< as: >>_p__MODIFIED_DIV style="FONT: 10pt arial"_<< Rewrote HTML tag: >>_/DIV_<< as: >>_/p__MODIFIED_DIV_<< Rewrote HTML tag: >>_DIV style="FONT: 10pt arial"_<< as: >>_p__MODIFIED_DIV style="FONT: 10pt arial"_<< Rewrote HTML tag: >>_/DIV_<< as: >>_/p__MODIFIED_DIV_<< Rewrote HTML tag: >>_DIV_<< as: >>_p__MODIFIED_DIV_<< Rewrote HTML tag: >>_/DIV_<< as: >>_/p__MODIFIED_DIV_<< Rewrote HTML tag: >>_DIV class=moz-signature_<< as: >>_p__MODIFIED_DIV class=moz-signature_<< Rewrote HTML tag: >>_/DIV_<< as: >>_/p__MODIFIED_DIV_<< Total modifications so far: 64 See http://help.msu.edu/mail/sanitizer.html for more information.