Hello Andradas, I was thinking now the same way ... how does it do the authentication ... horatio looks really nice but if the users have to keep a web browser opened all the times this is the same like the certificates authentication ... and it doesn`t seem like an option to me ... . Many students just chat on yahoo messenger ...
It is indeed a solution ... I'll consider it. HTB is for sure going to be used if i'll have a secure authentication method and leave all ports opened. Adrian TIRLA On Dec 14, 2007 9:00 PM, Jonas Andradas <[EMAIL PROTECTED]> wrote: > Hello, > > Regarding horatio, which seems interesting, I wonder how it does the > filtering. If it just creates iptables rules based on IP, if users > can sniff traffic (i.e. unencrypted wireless), they could change their > mac address and IP and try to trick Horatio into thinking they are a > "valid" user... Or maybe I am wrong. > > Regards, > > Jonas Andradas > > > On Dec 14, 2007 7:40 PM, Adrian Minta <[EMAIL PROTECTED]> wrote: > > Tirla Adrian wrote: > > > Hello, > > > > > > I`m currently one of the network administrators of a 3000+ students > > > and i have some issues maintaining security, authentication ... and > > > quality of service ... > > > > > > > > > > 1. For authentication you may use something like: > > http://horatio.sourceforge.net > > 2. Block outgoing connection on ports like: 25, 445, 137-139, block > > multicast, broadcast and bogons. > > 3. To save bandwidth use transparent proxy. > > 4. Limit each IP to a maximum bandwidth using HTB and especially limit > > NAT translation per IP to a reasonably small amount ( 32 should be fine > > if you are not allowing P2P). > > > > -- > > Best regards, > > Adrian Minta MA3173-RIPE, MA314-ROTLD, www.minta.ro > > > > > > > > > > > > -- > > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > > > > > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
