Hey George , Since the thread has gone/trickled into network design and placement, i would suggest that you have a look at the SAFE Blueprint by Cisco Systems there a couple of scenario's and theories on different layers and applications, i understand your problem might not be cisco specific but you can pick up a few ideas from the material provided, Happy reading. http://www.cisco.com/en/US/netsol/ns340/ns394/ns171/ns128/networking_solutions_package.html On Fri, 17 Jun 2005 16:08:34 +0200, Mark Tinka wrote > On Friday 17 June 2005 15:09, Lule George William wrote: > > > Because they were all student laptops and I didn't > > want to go running around the network searching at > > which point they were hooked on. > > So have a mobile user (security) access policy. > > > Finally had to do > > it:-)... > > Sucks! But hey, so do taxes, and then you die :). > > > They had mytob and it was doing havoc on my > > network. > > E-mail virus scanning? > > > I mailed and called them to come for cleaning > > to no avail. > > Users are used to being the ones that complain. They > usually come to you for that. > > > I cut them off at the proxy from > > accessing the Internet but it seems they were quite > > happy with just the intranet... > > And e-mail. > > > thats why I wanted them > > off completely. > > Great stance; that should get them running to you. > > > However, I am still interested in > > finding out how to do it, because next time I really > > wouldn't like to run around the whole university > > network!!! > > Well, there are ways and techniques in discovering which > hosts are mis-behaving, but that's beyond the scope of > this thread (and would now enter into DoS mitigation and > vendor-specific knobs and switches, which can get > lengthy). > > I think the valuable lesson you have learned here is to > be able to design your network (and security policy) so > that you can do anything you want from the helm (and not > run around like a headless chicken). Campus networks can > be especially daunting, but a combination of routing, > switching and a security policy that allows for robust > scalability and management will save you next time, > regardless of the size of your network. > > But as most have suggested, cumbersome "customers" should > have their connectivity severed, as close to Layer 1 as > possible, if not. As Colonel 'The Champ' Agaba would > say, "You've got to nip it in the bud". > > Mark. Regards David Ziggy Lubowa _______________________________________________ LUG mailing list [email protected] http://kym.net/mailman/listinfo/lug %LUG is generously hosted by INFOCOM http://www.infocom.co.ug/
