[5185] in Release_7.7_team
Re: VPN for Solaris
daemon@ATHENA.MIT.EDU (Alex T Prengel)
Wed Jun 29 19:36:24 2005
Message-Id: <200506292336.j5TNaBha008914@dit.mit.edu>
To: "Jeffrey I. Schiller" <jis@MIT.EDU>
cc: alexp@MIT.EDU, release-team@MIT.EDU, ops@MIT.EDU, jdreed@MIT.EDU
In-Reply-To: Your message of "Wed, 29 Jun 2005 19:02:12 EDT."
<1120086132.17480.2.camel@jis.tzo.com>
Date: Wed, 29 Jun 2005 19:36:10 -0400
From: Alex T Prengel <alexp@MIT.EDU>
X-Spam-Score: 1.041
X-Spam-Level: * (1.041)
X-Spam-Flag: NO
>Of course this begs the obvious question. Why are we "imposing" these
>restrictions in the first place (presumably we've been running fine for
>years [if not decades] without them)?
Because there's essentially nothing preventing anyone on the Internet
from "borrowing" our licenses for these applications. All they need to
know (in most cases) is the name of the relevant license server (and
have access to the binaries, which is not hard to get). While security
by obscurity works to some extent, it becomes increasingly ineffective
as more and more MIT grads depart with this knowledge.
I've already seen evidence that some unauthorized use may have taken
place, and have seen numbers of "ACCESS DENIED" log records since the
IP address limits have been in place, presumably blocking such use.
Alex
