Corporate Reactions to Linux (fwd)

Tue Oct 12 17:18:03 GMT 1999

On Tue, 12 Oct 1999, Richard Kail wrote:

> Hello !
> 
> On Tue, 12 Oct 1999, Luke Kenneth Casson Leighton wrote:
> 
> > the point i really have to make here, therefore, is that the corporation
> > should have banned USERs from setting up unauthorised computers (or should
> > fire anyone that does so without consulting their network authorities).  
> > i mean, how stupid can you get.  setting up a network server without
> > reading up on the consequences of your actions.
> > 
> > the second point is that the decision to ban linux, if followed to its
> > logical conclusion by the unmentioned corporation, should result in all
> > systems (listed above) being banned as well.  yes, all of them.
> 
> If you are thinking about "keeping things up and running" it is ok to see
> things this way.

i see things in several different ways.  the conclusion point two is
supposed to be absurd.

> If you are thinking about security

... which i am.  and due to microsoft, security on this issue is totally
out the window, and there's NOTHING that can be done about it except to
ban users from setting up unauthorised NT-Domain-Compatible PDCs.

> things are looking a little bit different.

> Banning users from doing /something/ may be a pragmatic way to
> keep things up and running; if you have to garantee that things are up and
> running

sorry, not possible.  ok, maybe you can come close, but it requires
active monitoring.

for example, you use samba as a WINS server. you modify the source code in
nmbd such that it monitors for registrations of DOMAIN_NAME<1b> and
DOMAIN_NAME<1c>.  you run one of these "monitors" on each of your
broadcast-isolated subnets.

you can then either email / page the administrator or run
denial-of-service attacks against the offending server to take it down (a
drastic and not highly recommended course of action).

luke (samba team)

<a href="mailto:lkcl at samba.org"   > Luke Kenneth Casson Leighton    </a>
<a href="http://www.cb1.com/~lkcl"> Samba and Network Development   </a>
<a href="http://samba.org"        > Samba Web site                  </a>
<a href="http://www.iss.net"      > Internet Security Systems, Inc. </a>