>like walking into someone else's house for the
>first time and helping yourself to whatever's in the fridge. My mom
>taught me you just don't DO stuff like that...but some people just
>seem to do it anyway. :-(
Hey... I have to keep my door locked because a friend of mine does this!
If I don't keep the door locked, he will just stop by from time to time,
walk in, and help himself to food... then sit down and watch TV, usually
without even saying hello!!! (yeah, yeah, some friend right)
-chris
<http://www.mythtech.net>
> I guess my opinion, which isn't very popular here, is that unless
>permission has been explicitly given, one should not assume permission
>to a local LAN, or internet access through the LAN.
I admit, I am guilty of this. One two different occasions, I was renting
room space in a hotel/conference center (no, not a sleeping room, but a
meeting room), and I plugged my mac laptop into their marked ethernet
jacks, and used DHCP to gain access, and get out to the internet... and
no, I was not paying for (nor was charged for) use of it (yes, it was an
extra fee if I "officially" wanted to use it).
I'm a baaaad boy Abbot
-chris
<http://www.mythtech.net>
I'm looking for referrals to any decent shipping companies people here
have dealt with in the past. Preferably, ones who can deal with the
transportation of "obsolete" computer equipment within the continental
U.S. I've got a lead on a couple of moderate sized computer systems,
about 2.25ft x 4.20ft x 5ft in size, and probably around 800lbs each.
(The weight is just a guess.) I'd need door-to-door service on this
one. Someone who can pick them up at a loading dock, and wheel them
into a a garage for me on the other end.
-brian.
On February 2, Jeff Hellige wrote:
> True. I was looking at it from the point as to whether it
> was ok for someone to do it at all, regardless of what thier motives
> might be behind it or whether the network was secure enough to handle
> it if someone did happen to do so. With our LAN for instance, we
Well don't take my first comment the wrong way...it's certainly RUDE
at the very least...like walking into someone else's house for the
first time and helping yourself to whatever's in the fridge. My mom
taught me you just don't DO stuff like that...but some people just
seem to do it anyway. :-(
> don't enable or allow DHCP at all...everyone is on static IP
> addresses. We're always having to track down conflicts though
> because there's a small group within the building that think they can
> do whatever they wish.
Sounds like it's time to break some fingers.
I've been saying that a lot lately. I wonder if I'm becoming less
tolerant of others.
Nah.
-Dave
--
Dave McGuire
St. Petersburg, FL "Less talk. More synthohol." --Lt. Worf
On Feb 2, 20:50, Dave McGuire wrote:
> On February 2, Doc Shipley wrote:
> > This is sort of a sanity check. I'm putting the question here
because
> > of the cumulative years of professional experience here, as well as an
> > "international" perspective.
> >
> > How would you react to a guest in your (not normally open to the
> > public) building plugging a computer into a random ethernet port and
> > asking for a DHCP lease? Is there any non-emergency consideration that
> > would make that appropriate?
No, not on my network. At least, not unless they ask first. I've had to
deal with this a few times, sometimes from students, once or twice from
staff, and a few times from visitors. They wouldn't get a DHCP lease, but
they might try to "borrow" an address. They're usually very surprised when
someone turns up within a few minutes and asks what they're doing.
> In a well-designed network, I wouldn't worry too much about it. On
> an unswitched network with unencrypted root passwords floating around,
> though, I'd have...erm, "issues" with it.
Even on a switched network. Case in point: a couple of weeks ago, someone
plugged an unauthorised laptop (we assume) into our student network. We
surmise that it was misconfigured, it acted as a DHCP server, and gave out
a lot of spurious DHCP responses. Not pretty.
We've noticed a lot of problems with misconfigured Windows 2000 machines in
particular, and do not permit unauthorised machines on our net for that
reason, amongst others. And we can enforce it -- technically, it's theft.
Also consider what could happen if someone plugged in a machine and
masqueraded as a trusted host.
We have facilites to provide addresses to genuine visitors and to protect
them from our users and v.v. We don't allow people to plug random things
into random ports. We don't allow students to plug in laptops; there's
normally no need as we provide a large number of PCs on 24-hour 364-day
access.
> You bring up an interesting point, however. A good (if somewhat
> simplistic) goal for the security of a network might be to say if
> you'd be nervous about someone doing this, then you still have things
> left to fix. :)
Agreed. But there's always something left to fix :-(
--
Pete Peter Turnbull
Network Manager
University of York
On Feb 2, 20:25, Doc wrote:
> A little amplification -
> The building in question is a secured building. Guests are required
> to log in & out, and rooms other than snack area & restrooms are locked.
> It is a government building. Space is donated to a local computer
> group. A member of that group simply plugged into the local LAN. The
> building's rep did state that the port should not have been left hot,
> and nobody has admitted, or claimed, that the member did anything but
> access the internet.
Doesn't matter. A large proportion of computer misuse (figures vary, but
pretty well everyone agrees that they're significant) is from inside, in
any sizable organisation. Suppose someone else was up to no good, the
visiting
machine was insecure (highly probable), and was spotted by a scanner. It
becomes a gateway.
> I guess my opinion, which isn't very popular here, is that unless
> permission has been explicitly given, one should not assume permission
> to a local LAN, or internet access through the LAN.
You won't get any argument against that from me :-)
--
Pete Peter Turnbull
Network Manager
University of York
>>On Fri, 1 Feb 2002, Geoff Reed wrote:
>> I've dealt with Sunguk many times and he's a stand up guy, the 1 time
I
>> got a bad Dimm from him for my sp[arc ultra he refunded the $ to me with
no
>> problems.
And Doc Opined :-
> Yeah, I read through the negatives, and they all had the same flavor.
>Mostly it seems Mr. Sunguk doesn't babysit. I wasn't so worried that I
>refrained from buying. I wouldn't try it on most PC's though. Every PC
>I've had that took 30-pin SIMMs wanted parity. Was that the norm, or my
>luck?
You are right, Sunguk doesn't suffer fools. He is however very good - one
of the positives is from me - I bought 128mb of Sparc5 Ram (that rare-ish
5volt Dimm stuff) from him a few months back and he made an exception and
shipped internationally.
Question is - does my '030 Cube take parity or non-parity.....eek! I used
to know this...
//Rich
Doc
<doc(a)mdrconsult.com> To: classiccmp(a)classiccmp.org
Sent by: cc:
owner-classiccmp@cla Subject: Re: cheap 16MB 30-pin RAM on eBay
ssiccmp.org
02/02/2002 02:52
Please respond to
classiccmp
Doc
On February 3, Pete Turnbull wrote:
> Even on a switched network. Case in point: a couple of weeks ago, someone
> plugged an unauthorised laptop (we assume) into our student network. We
> surmise that it was misconfigured, it acted as a DHCP server, and gave out
> a lot of spurious DHCP responses. Not pretty.
Eeeeeek. Sounds like someone who needs to have his fingers broken!
-Dave
--
Dave McGuire
St. Petersburg, FL "Less talk. More synthohol." --Lt. Worf
On Feb 2, 20:50, Chris wrote:
> > How would you react to a guest in your (not normally open to the
> >public) building plugging a computer into a random ethernet port and
> >asking for a DHCP lease? Is there any non-emergency consideration that
> >would make that appropriate?
>
> I think that all has to do with WHO the guest is, and WHY they plugged
in.
>
> My network (and building) is normally closed to the public, but when we
> have clients in, and they bring their laptops, I generally allow them
> access to use printers, or gain internet access. But then, this is
> something that I plan to offer, so I actually have DHCP services
> specifically for this (and keep the rest of the network locked down to
> prevent them from wandering). So maybe I'm not as closed as you are.
In very broad terms, we do the same -- by arrangement. However, it's one
thing to make an arrangement for a specific visitor, when you know what
they're (supposed to be) doing and where they're supposed to be, and can
keep an eye on them, and quite another to let anyone plug something in.
--
Pete Peter Turnbull
Network Manager
University of York
On February 2, Doc wrote:
> The building in question is a secured building. Guests are required
> to log in & out, and rooms other than snack area & restrooms are locked.
> It is a government building. Space is donated to a local computer
> group. A member of that group simply plugged into the local LAN. The
> building's rep did state that the port should not have been left hot,
> and nobody has admitted, or claimed, that the member did anything but
> access the internet.
>
> I guess my opinion, which isn't very popular here, is that unless
> permission has been explicitly given, one should not assume permission
> to a local LAN, or internet access through the LAN. I do recognize that
> my position is due to working frequently at secured sites. One such
> facility, in San Antonio, prohibits ANY access to their network by
> non-employees. Contractors must tell a technician what commands to
> enter, and which buttons to click.
I think in a secure gov't facility, my approach would be a little
different...having once been in charge of the network at such a facility,
I can attest to the fact that there is a fair amount of paranoia,
often rightly so.
-Dave
--
Dave McGuire
St. Petersburg, FL "Less talk. More synthohol." --Lt. Worf
