[conspire] corrected to HP LaserJet4M Plus Re: HP LaserJet4 - CUPS lists printer twice
Tony Godshall
tony at of.net
Tue Sep 1 14:37:43 PDT 2009
On Tue, Sep 1, 2009 at 11:44 AM, Rick Moen<rick at linuxmafia.com> wrote:
> Quoting Tony Godshall (tony at of.net):
>
>> The newer (cheaper?) ones have no front panel and configure by http
>> instead of (in addition to?) telnet
>
> Heh, bummer. (I haven't bought one in a long while.) Well, you can
> still, nonetheless, let them pick up a DHCP lease by default, then
> telnet into that IP. JetAdmin still isn't actually needed.
Yes exactly, JetAdmin is not needed. Was I arguing that it was?
But in our production environment we don't let unchecked machines
onto the network. So we don't run dynamic dhcp.
>> Well yes but this is not just about bootp. that's the line that lets
>> dhcpd give out dynamic addrs.
>
> Ah, thanks for clarifying. As I said, I can't find my example version
> of that file, and had forgotten.
>
>> We run static-only shops but dhcpd is still useful as outlined above
>> and to detect machines attempting to access our LAN, authorized or
>> not.
>
> There are a bunch of BOfH-ish tricks related to that. For example,
> after you've recorded in dhcpd.conf the MAC addresses of all your
> authorised hosts, you can set up a small pool of "in the doghouse"
> dynamic IPs. Then, make sure any machine trying to communicate from
> those IPs get their outbound traffic quarantined, e.g., Web browsers get
> shown only a page telling the user to go visit IT.
>
> Truly fascistic admins will also make their switches confine traffic
> from unknown MAC addresses to the doghouse. ;->
Heh. Sounds like some sysadmins have too much time on their hands.
More information about the conspire
mailing list