[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Detection of printers in FC4



On Sun, 2005-09-01 at 15:09 -0500, Phil Schaffner wrote:
> On Sun, 2005-01-09 at 13:36 -0500, Jeff Spaleta wrote:
> > On Sun, 09 Jan 2005 18:29:57 +0100, Kyrre Ness Sjobak
> > <kyrre solution-forge net> wrote:
> > > What if there was some kind of "chanel" system - i.e. you could join the
> > > "physics department" chanel, and only printers shared to this channel,
> > > would be seen.
> > 
> > This idea doesn't solve any of the problems I express if the
> > broadcasting cups server gets to select for itself which channel it is
> > in. Active channels can still be dynamic membership and too long to be
> > usably browsable in the print dialog ui.  Active channels still
> > require that every broadcasting cups server on the network be
> > correctly configured to mean anything.  On large de-centralized
> > networks... clients can not depend on any broadcasting service to be
> > correctly configured.
> 
> We have had the local intranet with several thousand machines connected
> brought to its knees more than once by a cups server broadcasting its
> printers at ~1ms intervals.  Of course this is partly due to brain-dead
> network admins who have failed to segment the network in a sane manner.
> 

Use tcpdump to find it, then then have it shut down.

It is a good idea to segregate traffic between school rooms and 
departments. A Linksys router in each classroom would block 
the broadcast traffic from leaving the class room. If you can't 
live with NAT in each classroom the Lynksys router can be 
configured to work as a normal router and not a NAT Firewall.

> > And its absolutely worse on networks that merely
> > tolerate linux installs but do not have centralized support for linux
> > at all. Administrators for linux machines acting a clients for a
> > service such as cups needs to have an easy way to say 'ignore that
> > specific cups server at ip address W.X.Y.Z its clearly misconfigured
> > and being run by as gentoo zealot who doesn't know how to tie their
> > own shoes and since there is no way I can talk sense into them to
> > reconfigure their cups I need to take local action and disable their
> > cups ques from showing up on my systems to avoid my users acidently
> > trying to use that moron's private printer'
> 
> Yup, no central policy is what makes our local machines see several
> dozen to hundreds of cups printer to choose from, without local action
> to limit what is browsed.
> 

Again if the traffic is segregated you won't see them. But you 
should also campaign for a good policy. If your driven completely 
mad, you could print off H4x0r messages on the printer to "scare" 
the troglodytes into getting there systems fixed {you might even
put up a business card on the notice board ahead of time, and
make some spare cash fixing the H4x0r3d machines}. 

> > I should be able to 'register' selected printers individually and hide
> > the rest. Active channels just complicate the problem by adding yet
> > another piece of information that can be misconfigured on the
> > broadcasting cups server my client computer has the misfortune to
> > notice.  The simpliest control on the client side.. is to be able to
> > register individual ques or individual cups servers... and hide the
> > rest from view until a new printer needs to be found.
> 
> Amen brother!
> 
> > 
> > -jef"hostile de-centralized networks do exist....for services that
> > broadcast.. local clients need to have tools that can be taught how to
> > ignore rogue broadcasting servers"spaleta
> 
> Have been able to get such limits to work, but some good tools that made
> it easy and did not clobber hand-edits to config files would be much
> appreciated.
> 
> Phil
> 



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]