ons 2005-03-09 klockan 08:18 -0500 skrev Scot L. Harris: > You mean they are assigning routable IP addresses to all equipment and > sticking them on a flat network? No wonder they are paranoid. They > have no protection at all, if I understand the situation. > > That network must be like the wild west, systems getting owned every > day. Wonder how much paper gets wasted once some one stumbles onto an > unprotected printer? In my experience unprotected printers aren't really a problem. They could be used for SPAM, but I doubt selling v1ª9R4 that way would work, and the printer would soon be moved to a private network anyway so it wouldn't last. And as a prank, how fun and "leet" is it to waste a couple of hundred papers on some printer you don't even know where it is? Anyway, we're a university with 14000 students and a few thousand employees, and our network is very open. We try to put the printers on private networks, and some equipment like switches are too, but not any of the servers or workstations. I've never seen a NAT router anywhere, although I suppose there could be one somewhere. There are some blocked ports, but not many. We do use the software firewalls in each computer, though. Especially on Windows. And no, it's not like the wild west. There are a few islands of horror that are being taken care of, but overall it's fine. It's not about firewalls, it's about knowing what you're doing. Yep, we've even got IPv6 up and running in a lot of the networks. > I can understand that. I was recommending that you buy them a firewall > for them to administer and run on your behalf. But from other things > you have described they would not know what to do with such a device. They'd want to buy it themselves then, so they can get what they're used to. They don't want to deal with a lot of different types of routers, firewalls and switches. It's too much work. /abo
