| « CCA login script for Linux and other Unix-based machines | Cisco Clean Access activated in Palo Verde » |
Resnet continues to misinform users
09/09/05
I just received an email from Resnet's manager Ted Roberge, routed through the Palo Verde Housing office.
Two highlights stands out:
3. I ask every residents help and assistance in solving this problem. Our policies have been written to keep our network up and running for the vast majority of residents and we have spent a great deal of time and resources to ensure the best performing network possible. As such, I ask that all residents STOP hooking up wireless routers incorrectly. I hear the arguments repeatedly that routers are a "good thing" as a resident can "hide" their computers behind it using NAT. This causes two problems. The first is that they are not getting hooked up correctly and is becoming the major cause of network outages. The second is that NAT'ed computers (192.168.x.x addresses) cannot be logged into Clean Access, so they will have difficulity with network access.
Resnet continues to fail to understand that it is their bogus instructions that cause these issues. A correctly configured router does not act as a rogue DHCP server. Only routers configured according to Resnet's bogus instructions can.
As for NAT'ed machines having problems with logging into CCA, that's also not quite true. Logging in works ok since this is all done through a browser. The CCA client tool may not be able to connect to Resnet's server. That's a fundamental flaw of CCA, and yet another reason why CCA is a bad idea. But Resnet is determined to push CCA, regardless of all reasonable objections that have been voiced, and they are now finding out the hard way that critics like me were right...
The other highlight:
4. Security problems have, once again, popped up since we had many residents arrive in preparation for the new academic year. Since yesterday, we have had to shut off 6 computers that were compromised and turned into SPAM zombies. This is caused by two things. First, if your are running PPLive, a program that allows users to view Chinese Television, you have opened up your computer to attack via what is called a SOCKS PROXY. There is no fix for this, only to ask that everyone to not run PPLive. We are setting up the parameters to completely block this malicious application as it is a nasty exploit.
Wasn't that what CCA was billed as solving??? So we have an acknowledgement here from Resnet's manager that CCA doesn't work.
Again, something a lot of residents have said beforehand. And again, Resnet chose to ignore what we were saying, and they now find out the hard way.
No feedback yet
