Re: UnixWare

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Carl Corey: "host unreach bug (was:Re: UnixWare)"
• Previous message: Carl Corey: "Re: UnixWare"
• Maybe in reply to: Carl Corey: "UnixWare"
• Next in thread: der Mouse: "Re: UnixWare"

>> Also, is there a way to block people running FSP without blocking all
>> udp packets or relying on blocking udp to certain ports?  I may not
>> be around full-time on this system, so it is conceivable for a user
>> to set up their own fsp server in their home dir and not have me
>> notice it for a few weeks or so.
>
>Why would you _want_ to block that?  That doesn't put your system at
>any more risk than it already is by allowing said user connectivity to
>the world of any sort, as far as I can see.

I don't want people to pirate to/from my machine.  It's a waste of
diskspace to have all 35 megs of the latest game taking up space I could be
using for increased functionality (perl, etc)

>Unless you have some users connecting via, say, dialup, that you want
>to restrict from all network access of any sort; in this case, the only
>effective measures I can see are either (a) a sufficiently restricted
>environment that they can't import arbitrary programs or (b) having the
>kernel refuse network services to them unconditionally.

I will have users via dialup but network services are important, including
being able to ftp to and telnet to my site.  I was hoping that the router
could screen packets by protocol type.  Perhaps I could write a daemon to
determine what any UDP listeners are and report back.

• Next message: Carl Corey: "host unreach bug (was:Re: UnixWare)"
• Previous message: Carl Corey: "Re: UnixWare"
• Maybe in reply to: Carl Corey: "UnixWare"
• Next in thread: der Mouse: "Re: UnixWare"