[unisog] netreg

Wells, Cary cary.wells at ualberta.ca
Mon Oct 20 22:37:43 GMT 2003


True, monday mornings, brain dead.

We could have them authenicate sort of before getting on the web.  We do
this in our open labs right now.  Everyone has to ssh to a kerboros login
and once they have input their name and password they are granted access
until they close the ssh window.  We do this using AUTHPF which is part of
OBSD.  I can't see making academics login everyday but I could make them run
a "system check" or "security check" before logging in to the internet.

-----Original Message-----
From: Valdis.Kletnieks at vt.edu [mailto:Valdis.Kletnieks at vt.edu]
Sent: Monday, October 20, 2003 3:54 PM
To: Wells, Cary
Cc: unisog at sans.org
Subject: Re: [unisog] netreg 


On Mon, 20 Oct 2003 13:43:52 MDT, "Wells, Cary" <cary.wells at ualberta.ca>
said:
> Has anyone modified netreg so that it is invisible to the user?  Machine
> comes up, gets scanned if clean go onto net if not goes to patches web
site?

There's 2 problems:

1) Not all the internet is the web.  If they're only using the machine to do
POP mail checks, how do you redirect to a web site?

2) (related to 1) - How do you tell the user they've failed?  You might get
unlucky and the user actually turned off Windows Messenger when you told
them
to, so you can't spam them with a popup explaining the problem.....



More information about the unisog mailing list