[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [K12OSN] News Server



On Wed, 06 Nov 2002 12:44:03 +1300, you wrote:

> >Yeah, but what about someone hacking your file-server, and storing
> >images there?
> 
> You don't need to hack a K12LTSP system to put images on it - you just 
> put the images on it.

What I ment was that if a user stores files on the server it's easier
to track him down, than if someone breaks into you system.

> Once the kids are using a news client, some smarty will pipe-up with a 
> remark like "you know you can do this at home ay...."  and there's lots 
> more groups out there than this..  

Correct, but it's not more dangerous than a http://URL to the same
info - What parents do can _never_ be my responsability.

> Most kids have never heard of usenet.

Rigt, but I'd never refuse my kids acces to eg news:dk.* and other
relevant groups. Filtering news:alt.* and/or news:*.bin.* is another
matter.

> Absolutely!  no problem!  but *IF*,  *one day* you have *any* firewall 
> breach, the kids have a tool in their hands that will cause more damage 
> than you want to dream about. 

Or your www-filter/proxy breaks.

> I don't think it is necessary - different 
> story if it was a critical service viz HTTP..

I'm talking of giving the users a choice in how to obtain their
information.

Some prefer a homepage (BBS-style), some prefer to do it via a mailing
list, and some prefer it using a news server.

In the ideal world I'd give my users all three posibilities, and let
them chose, but ofcourse there is more work in making a system
delivering all the (or more) possibilities.

Ofcourse there are different security aspects on each methode, but not
more that could be covered.

> heh heh, most of that material is innapropriate, but pretty standard. 
>  Some articles available on usenet you will struggle to remove from your 
> mind for some time..

Sure, but you can easealy block them, by denying access to/from your
server in the ISP-line-firewall, and blocking external connection on
the server itself (in case of the firewall is compromized)

> My point is :  Why add an additional, non essential service when, if it 
> goes wrong, it will go very, very, wrong.

I see a local protected news-server as a storage medium, just with
another access method, not more - not less, but as in all other
situations you have to look on the security of the server.

> No other internet service 
> fits this category, except perhaps IRC.

Are you blocking eg ICQ too? You could do that wih the same arguments?

> As I have said, if you can do it securely, do share.  I gave up because 
> of security concerns.

I don't see your your problem - the problem you are focusing on is the
connection to the global usenet-system, witch is not being used on a
local system.

Furthermore many sites (microsoft / borland / etc) run specialized
servers with a very limited number of groups.

> I don't live in the US.  

Sorry - I wasn't looking on your mail-address ;-)

> And I'm quite sure your commitment to kids 
> internet safety, at least equals mine.

Sure.

Not everything is suited for a kids eye on the net. Not on nntp, and
not on http and nor on mail for that sake.

-- 
Venlig hilsen / Best regards
	Henning

 _H_P_C_o_n_s_u_l_t_    http://www.hpc.dk
 Skoletoften 9, Blans   http://www.turnsys.dk
 DK - 6400 Soenderborg





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]