Comment One Solution (Score 1) 106
I am also in a university setting and a similar thing recently happened. Our network had over 100 machines which allowed spam relaying. The owners of these machines were given instructions twice and if they still had not compiled their network ports were deactivated untill the could show that they had taken the steps required.
Also a monthly meetings are schedualed where the University admins show others how to fix common security holes. If a machine is shown to have these problems they are informed via email about the meetings, and if they do not attend, or at least do not give reason for not attending their network ports are deactivated.
It seems that when ever a port is turned off the user will generally fix the problem within a few hours, even if it means using another computer to dl the latest version or patch and using zipdisks to transfer to the machine in question.
Also a monthly meetings are schedualed where the University admins show others how to fix common security holes. If a machine is shown to have these problems they are informed via email about the meetings, and if they do not attend, or at least do not give reason for not attending their network ports are deactivated.
It seems that when ever a port is turned off the user will generally fix the problem within a few hours, even if it means using another computer to dl the latest version or patch and using zipdisks to transfer to the machine in question.
