Computer registration at ASU (Was: Re: Linux at ASU Conferenc e?)

Tom Achtenberg plug-discuss@lists.plug.phoenix.az.us
Thu, 13 Mar 2003 11:39:00 -0700


On all the networks I've been part of ranging in size from 20 to 250 machines, no one has been allowed to connect a machine that was not company issue without the IT directors approval.  This has included remotely connection through VAN or Citric.  All remote machines have been required to have firewall and current anti virus software.  None of our users have been geek enough to even know what Linux is let alone have enough technical know how to use it.  We do run about 6 or 7 Linux servers but no Linux workstations.

-----Original Message-----
From: Austin Godber [mailto:godber@uberhip.com]
Sent: Thursday, March 13, 2003 11:30 AM
To: plug-discuss@lists.plug.phoenix.az.us
Subject: Re: Computer registration at ASU (Was: Re: Linux at ASU
Conferenc e?)


Alan Dayley wrote:
> I am after a direct clarification.  If you will note at the bottom of all these quoted messages, Austin quotes my statement that I assume other OSes must be registered too.  He responded with laughter.  His response implies to me that "non-*nix" OSes don't need to be registered.  I want to know if my understanding of the implied meaning is correct.

In my 10 years on ASU campus never has anyone asked me to register or 
otherwise inform them of the existance of any computer with the 
exception of those computers which are running the Linux or other UNIX 
like OS.  The initiative to register Linux/UNIX computers began last 
fall (2002) in the College of Engineering. in Particular it is organized 
by ETS (Engineering Technical Services).  This is NOT ASU IT (who 
manages ASU wide computing services) nor is it DATACOM (who runs the 
networking aspects).  ETS provides computing support for the college of 
engineering.

There, I have stopped being a twit ;)

> I agree with you that all computers on the network should be regitered and known.  The university should control access to the network.  I just want to know if they are being dumb, as Austin implies, and only require *nix OSes to register.

The details are very murky, a room is owned by a person, but can you 
assume that the person who has resposibility for the room also 
administers tha machine?  No absolutely not.  The rooms are popluated by 
grad students who do whatever necessary in pursuit of completion of 
their thesis research.

If they need OpenBSD to tinker with bandwidth throttling while they are 
trying something out the night before a presentation are they supposed 
to wait until ETS comes in in the morning before they install their 
machine so they can report it properly.

My simple argument is this.  A database filled by people voluntarily 
about the types of machines they are using will fail terribly (e.g. not 
reflect reality closely very quickly).  At least in this environment I 
think that is the case.  They should concentrate on security scans (e.g. 
nessus), port scans, and network IDS.

Actually, I see all of this as being a good opportunity for ASULUG to 
help people properly administer their machines.  This is a possible task 
for me to take up in the future.

Austin

PS - BTW, I would be interested to compare how the above techniques work 
for those of you who have experience administering largish networks.



---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change  you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss