[RC5] Security risks?

Andreas D. Landmark andreas.landmark at noxtension.com
Wed Jan 17 19:53:47 EST 2001


At 16.01.2001 14:02, you wrote:
>I've just had this mail from our IT manager:
>
>"Due to the increased risk of network intrusion faced by us on a daily
>basis, it has been decided not to permit applications like distributed
>network computing to run on our network.
>It opens a permanent connection to the internet.  This is unacceptable."
>
>I've been running dnet here for over a year with the co-operation of my
>colleagues and the knowledge of some management. We're currently
>processing around 2000 giganodes on OGR each day.
>
>He also refers to ICQ and Napster as possible risks and I know others
>use them here.
>
>Is he overreacting? Can anyone provide me with an argument to persuade
>him otherwise? I don't know enough about network technicalities to
>dispute what he says.
>
>Steve

AFAIK there hasn't been any serious securityriscs with d.net clients, and
considering the client only connects, and doesn't accept connections I can't
see what security riscs he's talking about.
BUT the d.net policy clearly states that you need the approval of the system
owner/admin/whatever to run the client, so if he says no, he says no...

You could try to persuade him to join d.net instead, or atleast get him to
set up a keyproxy, that way he could control the "permanent connections
to the internet" (which isn't true, the perprox or client only connects when
the buffers are empty/full or you tell it to, which hardly can be regarded as
permanent?).

Talk to your IT Manager and ask him if he can set up a keyproxy where he
can secure it as he pleases, that way he'll have a bit of control, just the
way we paranoid admins like it...




--
Andreas Landmark / andreas.landmark at noxtension.com
"If you are too low a lifeform to be able to learn how to use the
manual page subsystem, why should we help you?" (Theo de Raadt)

--
To unsubscribe, send 'unsubscribe rc5' to majordomo at lists.distributed.net
rc5-digest subscribers replace rc5 with rc5-digest



More information about the rc5 mailing list