[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [school-discuss] What should school firewalls keep in/out?

To: schoolforge-discuss@schoolforge.net
Subject: Re: [school-discuss] What should school firewalls keep in/out?
From: Fredrik Liljegren <fredrik@liljegren.org>
Date: 07 Mar 2002 09:35:05 +0100
Delivered-To: archiver@seul.org
Delivered-To: schoolforge-discuss-outgoing@seul.org
Delivered-To: schoolforge-discuss@seul.org
Delivery-Date: Thu, 07 Mar 2002 03:33:22 -0500
In-Reply-To: <E16ioYT-0000KL-00@hawk.mail.pas.earthlink.net>
References: <1015443094.3c866e96442e1@members.iteachnet.org><E16ioYT-0000KL-00@hawk.mail.pas.earthlink.net>
Reply-To: schoolforge-discuss@schoolforge.net
Sender: owner-schoolforge-discuss@schoolforge.net
User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1

Chris Hornbaker <chrishornbaker@earthlink.net> writes:
> For K-12 schools, I think http _should_ be the only one open. If
> other ports are needed, leave them open too, but make sure they are
> _absolutely_ needed.  They don't need to be in chat rooms or on ICQ,
> all they need is http, so they can search the web for information on
> the topic they are given.

I'll have to go with Chip here...  I think that in every environment,
ports should be open by default and specifically closed, not vice
versa.  When it comes to ICQ, they've successfully circumvent most
firewalling anyway, and having people chatting in a web-browser isn't
any better than they learning a bit IRC.

I think the issue is more of what they are able to install and run; in
our free systems (GNU/Linux, BSD...) we can easily control that in
many ways, and actually let them have a game-folder locked to certain
hours of the day (preferrably off-curriculum-hours :-) ).  What the
student does on the courses is up to the teacher to control, not the
network administrator; and what they do on breaks, after school (if
they are allowed to be at the computers) should be up to them,
shouldn't it?

I know that there is a problem of students chatting during lessons,
I've had them myself (adult students even), but port-blocking or even
irc-software prevention is *not* a solution to that.  Neither is
blocking ssh-ports, since there are hundreds of portals for ssh on
port 80.  I know it is idealistic thinking of me, but I think that it
is the teachers job to make his course interresting and motivating
enough.

> For both types of schools ALL FILE SHARING PORTS _SHOULD_ BE CLOSED!
> They are _not_ needed at all.

That's true, at least for file-sharing a'la napster etc.  Since the
school probably has a policy of not stealing music etc both specific
ports and software should be unavailable.  FTP on the other hand is
quite useful for many purposes :)

Just my 2 swedish öre, Fredrik

Follow-Ups:
- Re: [school-discuss] What should school firewalls keep in/out?
  - From: Doug Loss <drloss@suscom.net>

References:
- [school-discuss] What should school firewalls keep in/out?
  - From: David Bucknell <david@members.iteachnet.org>
- Re: [school-discuss] What should school firewalls keep in/out?
  - From: Chris Hornbaker <chrishornbaker@earthlink.net>

Prev by Date: Re: [school-discuss] What should school firewalls keep in/out?
Next by Date: Re: [school-discuss] First Programming Language
Prev by thread: Re: [school-discuss] What should school firewalls keep in/out?
Next by thread: Re: [school-discuss] What should school firewalls keep in/out?
Index(es):
- Date
- Thread