[K12OSN] Re: [MSLNTC-L] Student Laptop

[David Trask]

Maine School and Library Network Technical Coordinator List             
<MSLNTC-L at LISTS.MAINE.EDU> on Fri Sep 16 2005 at 10:59 +0000 wrote:
>If later a machine is throwing off virus traffic we make them take it to a
>private vendor and get it cleaned.
>They must show us the work slip before we will allow the machine back on
>the network

With regard to the issue of folks bringing in personal laptops to a school
network and possibly having a virus....

How about this idea?  I'm somwhat confident it could be done....

Assume using a Linux server for DHCP.  Using a multitude of tools....a
script that would look at a log...and see "x" number of entries from a
specific MAC address generating "virus traffic" (this would need to be
known to some degree)...and thus denies the DHCPOFFER  to that MAC address
after "x" number of entries.  (Something similar to the way a proxy server
handles an entry with regard to TTL (time to live)?)  Then....this
"denial" would remain in effect for "x" hours before releasing and
allowing another try.  If the machine is clean...it'll get an IP
address....if not...it'll be denied again.  It'd be a cool way to take out
the middleman with regard to having to monitor personal laptops and all.

Ideas?

Hmmmm.....maybe in conjunction with a firewall of sorts (remember we're
talking internal networks)...but...here's the idea...in my paragraph
above...the idea would be limited due to the fact that the machine would
already have an IP address on the frst try...and would continue to have
one until the lease expires.  What about not only denies an IP address to
the client, but also denies the currently assigned IP address access to
the network for a specified period of time????

More ideas?


David N. Trask
Technology Teacher/Coordinator
Vassalboro Community School
dtrask at vcsvikings.org
(207)923-3100