On Feb 2, 20:25, Doc wrote:
> A little amplification -
> The building in question is a secured building. Guests are required
> to log in & out, and rooms other than snack area & restrooms are locked.
> It is a government building. Space is donated to a local computer
> group. A member of that group simply plugged into the local LAN. The
> building's rep did state that the port should not have been left hot,
> and nobody has admitted, or claimed, that the member did anything but
> access the internet.
Doesn't matter. A large proportion of computer misuse (figures vary, but
pretty well everyone agrees that they're significant) is from inside, in
any sizable organisation. Suppose someone else was up to no good, the
visiting
machine was insecure (highly probable), and was spotted by a scanner. It
becomes a gateway.
> I guess my opinion, which isn't very popular here, is that unless
> permission has been explicitly given, one should not assume permission
> to a local LAN, or internet access through the LAN.
You won't get any argument against that from me :-)
--
Pete Peter Turnbull
Network Manager
University of York
Received on Sat Feb 02 2002 - 21:50:52 GMT