Comment Good Idea! And I know why... (Score 1) 533
I work for the University of California, at Berkeley, as a System Administrator for Residential Computing. We're the department responsible for the residential network - not the physical portion, but basically everything else. Last year, I was responsible for the security mailing list, meaning I took care of security, abuse, and copyright case for the 6,000+ students living in the dorms here.
Now, the following is in any way, shape, or form, official University Policy, or even opinion. Just my own thoughts & experiences on this subject. Now that that's out of the way...
The majority of the security problems on our network come from Windows 2000. At the beginning of this semester, and last semester, we were flooded with compromised computers - Code Red last year (hundreds of cases), and variations of DarkIRC (which exploits the "no Administrator password" problem) this year. We've spent thousands of dollars (on employee hours only) at least. When we hear about a compromised system, we it's Win2K (twice it's turned out to be Linux though =).
After the first six weeks (meaning, for us, right about now), we've gone through almost every Win2k machine & set an Administrator password, installed Norton, etc - BECAUSE THEY'VE ALL BEEN COMPROMISED. At least all the vulnerable ones. This keeps our Residential Computing Consultants (RCC's) pretty busy, but our network even busier. We lose a lot of bandwidth because of these people as well, which slows down the net for everyone else (we're capped at 60Mbps), and hurts their dorm experiences.
I would vastly prefer Win98 than Win2k on our systems. It's much harder to compromise, since to turn it into a server. Win2k already has all the tools a hacker needs to log in, and attack others - and without the Administrator password, it's all set up for this already! I don't know if WinXP is any better (since I'm not working as Security anymore), but hopefully it is.
It makes sense to get rid of Win2k. People have unpatched versions usually, and frequently no passwords, so they get hacked all the time. I wouldn't mind doing the same thing in Berkeley, but our primary philosophy is Open Network - we don't block anything, we don't tell you what to use, etc. We let you run servers if you want. We have a bandwidth limit now (5GB a week), but that's fairly new too, since we've only recently been capped (thanks to P2P - the dorms were using more bandwidth than the rest of the University combined!!). Other than that, however, Residential Computing is and strives to be the model ISP. We are mostly students ourselves, and so we know what our peers want. And in my opinion, they would all be better of without Win2k.
For more info about Berkeley's Residential Computing, check out http://www.rescomp.berkeley.edu =)
Now, the following is in any way, shape, or form, official University Policy, or even opinion. Just my own thoughts & experiences on this subject. Now that that's out of the way...
The majority of the security problems on our network come from Windows 2000. At the beginning of this semester, and last semester, we were flooded with compromised computers - Code Red last year (hundreds of cases), and variations of DarkIRC (which exploits the "no Administrator password" problem) this year. We've spent thousands of dollars (on employee hours only) at least. When we hear about a compromised system, we it's Win2K (twice it's turned out to be Linux though =).
After the first six weeks (meaning, for us, right about now), we've gone through almost every Win2k machine & set an Administrator password, installed Norton, etc - BECAUSE THEY'VE ALL BEEN COMPROMISED. At least all the vulnerable ones. This keeps our Residential Computing Consultants (RCC's) pretty busy, but our network even busier. We lose a lot of bandwidth because of these people as well, which slows down the net for everyone else (we're capped at 60Mbps), and hurts their dorm experiences.
I would vastly prefer Win98 than Win2k on our systems. It's much harder to compromise, since to turn it into a server. Win2k already has all the tools a hacker needs to log in, and attack others - and without the Administrator password, it's all set up for this already! I don't know if WinXP is any better (since I'm not working as Security anymore), but hopefully it is.
It makes sense to get rid of Win2k. People have unpatched versions usually, and frequently no passwords, so they get hacked all the time. I wouldn't mind doing the same thing in Berkeley, but our primary philosophy is Open Network - we don't block anything, we don't tell you what to use, etc. We let you run servers if you want. We have a bandwidth limit now (5GB a week), but that's fairly new too, since we've only recently been capped (thanks to P2P - the dorms were using more bandwidth than the rest of the University combined!!). Other than that, however, Residential Computing is and strives to be the model ISP. We are mostly students ourselves, and so we know what our peers want. And in my opinion, they would all be better of without Win2k.
For more info about Berkeley's Residential Computing, check out http://www.rescomp.berkeley.edu =)
