Ravinder.Chandhok@GNOME.CS.CMU.EDU (06/11/87)
(This is a continuation of a discussion on how KIP deals with zones and how to protect LaserWriters from illegal access with out taking them off the network that a KBOX os on. Comments, anyone ?) Having thought more about zones and protections, it seems to me there are two separate problems here: one is the administrative/network traffic issues of having multiple zones; and the second is the problem of providing security for "insecure devices" like the LaserWriter. AppleShare servers are an example of a "secure" device - they already have password protection. On the zones, I don't have a strong opinion about needing them until we can use the ZIP/RTMP code in the new KFPS PROMS. However, I am concerned that some random person will change the password or something on my LaserWriter over the network, and I'll have to pay someone money to reset the E?PROMs on the LaserWriter. One malicious person could take out a whole campus of LaserWriters pretty easily (and quickly) if we treat our campus as one big AppleTalk net (which is desirable from a service point of view). One way to secure LaserWriters is to try and imitate a "poor-mans-spooler" by grabbing the LaserWriter when it boots, renameing its TYPE to be "laserFoo", and providing appropriate people with a LaserWriter Driver that looks for printers of type "laserFoo" instead of "LaserWriter". I know the renaming the type part can be done, but haven't tested just changing the resource string (id -4096) in the LW driver. Of course, it is a big hassle to munge and distribute said driver. Option Two is to make the gateways do some (somewhat arbitrary) NBP filtering. That is, when Max X sends out an NBP request for all LaserWriters, the KIP gateway will forward it as it does now. But when the replies come back, the gateway will NOT FORWARD any NBP replies who's name field doesn't start with "PUBLIC" back to Max X. Thus, without a whole lot more hacking, you won't be able to get the address of a LaserWriter (or any service) not on your net and not public. I.e. a Laserwriter named "laserwriter" would NOT be visible except on the local cable, while a LaserWriter named "PUBLIC laserwriter" would. If anyone has better/different ideas, I'd like to hear about them. Rob Chandhok CMU