On all the networks I've been part of ranging in size from 20 to 250 machines, no one has been allowed to connect a machine that was not company issue without the IT directors approval. This has included remotely connection through VAN or Citric. All remote machines have been required to have firewall and current anti virus software. None of our users have been geek enough to even know what Linux is let alone have enough technical know how to use it. We do run about 6 or 7 Linux servers but no Linux workstations. -----Original Message----- From: Austin Godber [mailto:godber@uberhip.com] Sent: Thursday, March 13, 2003 11:30 AM To: plug-discuss@lists.plug.phoenix.az.us Subject: Re: Computer registration at ASU (Was: Re: Linux at ASU Conferenc e?) Alan Dayley wrote: > I am after a direct clarification. If you will note at the bottom of all these quoted messages, Austin quotes my statement that I assume other OSes must be registered too. He responded with laughter. His response implies to me that "non-*nix" OSes don't need to be registered. I want to know if my understanding of the implied meaning is correct. In my 10 years on ASU campus never has anyone asked me to register or otherwise inform them of the existance of any computer with the exception of those computers which are running the Linux or other UNIX like OS. The initiative to register Linux/UNIX computers began last fall (2002) in the College of Engineering. in Particular it is organized by ETS (Engineering Technical Services). This is NOT ASU IT (who manages ASU wide computing services) nor is it DATACOM (who runs the networking aspects). ETS provides computing support for the college of engineering. There, I have stopped being a twit ;) > I agree with you that all computers on the network should be regitered and known. The university should control access to the network. I just want to know if they are being dumb, as Austin implies, and only require *nix OSes to register. The details are very murky, a room is owned by a person, but can you assume that the person who has resposibility for the room also administers tha machine? No absolutely not. The rooms are popluated by grad students who do whatever necessary in pursuit of completion of their thesis research. If they need OpenBSD to tinker with bandwidth throttling while they are trying something out the night before a presentation are they supposed to wait until ETS comes in in the morning before they install their machine so they can report it properly. My simple argument is this. A database filled by people voluntarily about the types of machines they are using will fail terribly (e.g. not reflect reality closely very quickly). At least in this environment I think that is the case. They should concentrate on security scans (e.g. nessus), port scans, and network IDS. Actually, I see all of this as being a good opportunity for ASULUG to help people properly administer their machines. This is a possible task for me to take up in the future. Austin PS - BTW, I would be interested to compare how the above techniques work for those of you who have experience administering largish networks. --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change you mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss