[48] in Resnet-Forum
Re: secure hubs in dorms
daemon@ATHENA.MIT.EDU (lumm@spot.CC.Lehigh.EDU)
Thu Nov 11 13:58:38 1993
From: lumm@spot.CC.Lehigh.EDU
To: S2U@PSUVM.PSU.EDU (Steve H. Updegrove)
Date: Thu, 11 Nov 1993 13:25:44 -0500 (EST)
Cc: resnet-forum@MIT.EDU
In-Reply-To: <9311110005.AA19818@spot.CC.Lehigh.EDU> from "Steve H. Updegrove" at Nov 10, 93 04:54:00 pm
Steve,
Couple more questions of how you deal with dorm room nets, i'm getting
away from my original topic of secure hubs a bit. I'm convinced that
secure hubs are necessary in this environment, so i'll move on to some
other concerns.
>Obviously, a
>student could always buy routing software and connect other machines, but he
>would be the one held responsible for whatever came through the jack. We can-
>not tell whose hands are on the keyboard, but we know whose name is on the jack
>and on the card in the pc connected to it.
Let's assume that someone caused some trouble out on the Internet
somewhere, and we know it's coming from internet address x.x.x.x. How
do you trace internet address x.x.x.x down to a particular jack? Now,
i know with the secure hub you can restrict that jack to a particular
ethernet address, and you're using bootp to assign IP addresses, but a
student doesn't have to use bootp and your assigned IP address. What
if he just picks another one on the same subnet, say that of his
neighbor's. The only way i can think of keeping track of this is
polling the router occasionally and keeping the ARP table somewhere.
That way you would have a historical mapping of the IP address to the
Ethernet address and then to the jack location. Do you do this?
Comments please.
Some other questions (getting away from the security aspects):
1. What services do you provide? We are doing a pilot project at the
moment (40 connections) and we provided the dorm with a Novell server
with an HP laserjet and some basic software. We've found that the
most popular thing about the lan is printing. People just love the
local laser printer.
2. How do you deal with software licensing? Our site licenses for
such things as Wordperfect read that they are for use on University
owned machines. These machines are owned by the students, hence alot
of our site licensing software isn't available on tha lan.
3. Can the students use any Ethernet card they want or do you provide
a list of approved cards? How about driver software, do you provide a
package and help for the students or are they responsible for this
themselves?
These are just some questions that come to mind, let me know if this
list is not the appropriate place for this discussion.
Thanks,
mark
-----------------------------------------------------------------------------
Mark Miller
Lead Network Analyst lumm@Lehigh.EDU
183 Computing Center, Bldg #8B lumm@spot.CC.Lehigh.EDU
Lehigh University
Bethlehem, PA 18015
-----------------------------------------------------------------------------
