--- TIC-TECH message:
Here's something that might help with understanding what
I'm guessing Judy McNamee (SSD Computer Operations) is
acting upon.
(the URL below is a two-liner, use both lines - ma)
http://www.securiteam.com/securityreviews/
The_risks_of_using_an_AOL_client_behind_a_firewall.html
What's not so clear to me is why this action is being taken
so suddenly now. After all, this security weakness has been
published to the Internet as far back as 1998.
I guess I just don't have a warm fuzzy when things happen
without any prior dialogue such as this decision and the
recent prior announcement of a new REQUIRED sole source
vendor for purchasing unmanaged switches.
Just my two cents here ... maybe my biorhythm needs tweaking... :)
I do STRONGLY support the Les Foltos proposal, first suggested
by Mark Ahlness, that seems to encourage more face-to-face
dialogue amongst Tic-Tech folks--I certainly prefer cooperative
management practices. Although, I can recognize the necessity
at times for emergency actions I would like to think they should
not be the norm.
--John Keithly
jkeithly@halcyon.com
Ballard High School
Tech Support
-----Original Message-----
From: McNamee, Judy [mailto:JMCNAMEE@seattleschools.org]
Sent: Friday, January 05, 2001 10:36 AM
To: TIC-TECH@tic.ssd.k12.wa.us
Subject: Tic-Tech: FW: Tic-Tech: AOL Tunnels Will Be Blocked
--- TIC-TECH message:
I'm forwarding a response I just sent to John Keithly because I'm sure
others will be interested in the additional information.
Thanks,
Judy
-----Original Message-----
From: McNamee, Judy
Sent: Friday, January 05, 2001 8:39 AM
To: 'John Keithly'
Subject: RE: Tic-Tech: AOL Tunnels Will Be Blocked
I'm afraid I won't be able to answer all your questions this time. I'm not
an AOL user, so I don't know all the applications they have available, or
how each of them is implemented. However, I suspect that blocking the tunnel
will block all the AOL applications, including the standard AOL client. I
know for sure that it will block the AOL@School application, and I expect
that it will block Instant Messaging. Whether AOL web-based email will be
affected depends on whether they use tunneling for email access. Someone
with an AOL account will have to test that to see if it works.
It's unfortunate that AOL has chosen to implement some or all of its
services via tunneling, because the tunnel represents a terrific security
risk. Information we have been receiving indicates that many major companies
are blocking the AOL tunneling because of the risk. Perhaps AOL will modify
their implementation at some point in the future.
Thanks,
Judy
-----Original Message-----
From: John Keithly [mailto:jkeithly@halcyon.com]
Sent: Thursday, January 04, 2001 7:01 PM
To: Judy McNamee
Subject: RE: Tic-Tech: AOL Tunnels Will Be Blocked
Which AOL tunneling client are you referring to here?
Are you speaking of AOL Instant Messaging?
Or is there something else that will be affected that
I'm not aware of?
Although your technical comments are clearly stated
it would be especially beneficial if you could explain
the consequences of your actions in plain (non-technical)
English.
I'd particularly like to know what services will be
curtailed that will affect our clients.
Thanks
--John
-----Original Message-----
From: McNamee, Judy [mailto:JMCNAMEE@seattleschools.org]
Sent: Thursday, January 04, 2001 12:15 PM
To: TIC-TECH@tic.ssd.k12.wa.us
Subject: Tic-Tech: AOL Tunnels Will Be Blocked
--- TIC-TECH message:
Hello,
Effective immediately, AOL tunnels through the district's firewall will be
blocked. The reason for the block is that the tunnels represent a severe
security risk, essentially bypassing all security provided by the district
firewall and opening district computers to unrestricted access from outside.
Blocking of AOL tunneling means that AOL clients cannot be used inside the
district network.
Thanks,
Judy
------------------------------------------------------
Judy McNamee
Manager, Computer Operations
Seattle Public Schools
Voice: 206-252-0306
Fax: 206-252-0301
jmcnamee@seattleschools.org
-------------------------------------------------------
- End TIC-TECH message. To join, leave, or visit
the message archive, go to Tic-Tech on the Web:
http://fp.seattleschools.org/fpclass/tic-tech/
- End TIC-TECH message. To join, leave, or visit
the message archive, go to Tic-Tech on the Web:
http://fp.seattleschools.org/fpclass/tic-tech/
- End TIC-TECH message. To join, leave, or visit
the message archive, go to Tic-Tech on the Web:
http://fp.seattleschools.org/fpclass/tic-tech/
This archive was generated by hypermail 2b29 : Sat Jan 06 2001 - 20:49:03 PST