+ Post New Thread
Results 1 to 10 of 10
Netbooks, PDA and Phones Thread, EEEPc Security in Technical; So we're investigating using these for first year student, with no shares or printers mapped, just using the wireless networks ...
  1. #1

    Join Date
    May 2007
    Location
    Hale Barns
    Posts
    211
    Thank Post
    39
    Thanked 8 Times in 2 Posts
    Rep Power
    17

    EEEPc Security

    So we're investigating using these for first year student, with no shares or printers mapped, just using the wireless networks for web access, and the basic install of Linux out of the box, but I'm concerned about the easy access to Terminal etc..has anyone found a way of locking them down, to avoid this issue, or how have people set them up on their network (XP install, cc3 build)...whats the best route to take...

    Nick

  2. #2

    Join Date
    May 2007
    Location
    Hale Barns
    Posts
    211
    Thank Post
    39
    Thanked 8 Times in 2 Posts
    Rep Power
    17
    No responses..is that because no one else is using them? I'm facing management of 140 of them in a few weeks..

  3. #3
    User3204's Avatar
    Join Date
    Aug 2006
    Location
    Wirral
    Posts
    769
    Thank Post
    55
    Thanked 66 Times in 62 Posts
    Rep Power
    35
    We've been looking at getting a few (especially now that RM are doing a 30 piece kit for about £4k).

    But, as they will be used by the Scient dept for logging, and the software only works on Windows, we (read ME) are going to install WIn XP on them (with nlite). Although, I need to check the licensing...


    If you're planning to use Linux, could you remove all the stuff that you don't want them to use ?
    I admit, I haven't fiddled with them much.. apart from joining them to our Wireless LAN, and then handed them back to Science.

    I thought the default Linux on them (Xandros ?) used an XML file to create the "desktop", if so, you muct be able to remove everything (but what you want), and then they can't run it.

    Then you'll have to figure out Sysprep and imaging them...

  4. #4


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,033 Times in 813 Posts
    Rep Power
    341
    The worst problem with the security is that they can be easily formatted by students, or students can send each other handy scripts to brick each others machine. They are quite easy to image back though.

  5. #5

    Join Date
    May 2007
    Location
    Hale Barns
    Posts
    211
    Thank Post
    39
    Thanked 8 Times in 2 Posts
    Rep Power
    17
    Yeah, I'm not that bothered about them being bricked, because it's a five minute job to restore the original image..
    just concerned about the administrator level access and the rooting thing.
    I can't remember enough linux stuff from uni to be able to convince myself they can't mash our servers...

    ..i had one year 8 kid asking me about A records in DNS yesterday...scared the life out of me...

  6. #6

    Join Date
    Sep 2008
    Location
    Portsmouth
    Posts
    3
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Having access to a terminal window in itself isnt an issue. From a terminal window they will still need to input an admin password to do anything but basic commands.

    Just make sure they have user level privilidges, nothing more, and you won't have many problems.

  7. #7

    Theblacksheep's Avatar
    Join Date
    Feb 2008
    Location
    In a house.
    Posts
    1,964
    Thank Post
    139
    Thanked 291 Times in 211 Posts
    Rep Power
    193
    Quote Originally Posted by ian_cox View Post
    Having access to a terminal window in itself isnt an issue. From a terminal window they will still need to input an admin password to do anything but basic commands.

    Just make sure they have user level privilidges, nothing more, and you won't have many problems.
    Admin access on terms can be had via 'sudo su', 'sudo -s' and other such simple commands.

    If they have user level privildges it wont shutdown or mount drives.

    Chat programmes like 'pidgin' are installed by default and with simple term commands can be put back if you have removed them. Along with network sniffers if they are feeling brave and you dont have them properly segmented from the other network traffic.

    Terrible OS for school environment.

  8. #8

    Join Date
    Sep 2008
    Location
    Portsmouth
    Posts
    3
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    "sudo -su" and "sudo -s" rely on the file "sudoers" which you can configure to allow the user account no privileges or whatever you want/need.

    Linux is not a terrible OS for a school environment, its only terrible when its configured by people who don't know how to use Linux properly.

    Why is it that when techies compare Windows to Linux, we tend to compare a fully locked down/group policied Windows to a base install of Linux? Is that really a fair comparison?

  9. #9


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,033 Times in 813 Posts
    Rep Power
    341
    Quote Originally Posted by ian_cox View Post

    Linux is not a terrible OS for a school environment, its only terrible when its configured by people who don't know how to use Linux properly.
    The problem in this case is that the people who don't understand it are Asus. their configuration means that the default install won't boot without a passwordless sudo.

    If your not concerned about them being bricked then there shouldn't be too much problem with students having root. - provided your network and servers are secure. IMO the worst case scenario would be students installing password sniffers and DoS tools (or using a ping -f for example). If your network is encrypted and could withstand a distributed DoS attack from these machines then your probably ok.
    Thery are only 'terrible' for school if your infrastructure design is so limited in the first place.

  10. #10
    craigg's Avatar
    Join Date
    Feb 2008
    Location
    Birmingham, UK
    Posts
    175
    Thank Post
    15
    Thanked 9 Times in 6 Posts
    Rep Power
    15
    Take a look at Ubuntu eee

    It looks nice and you can set up different user accounts with different levels of security.. It may take a bit of fiddling to get everything running perfectly, It took me about an hour or so. All the necessary documentation is on the site anyway.




SHARE:
+ Post New Thread

Similar Threads

  1. EeePC questions.
    By mooreeasyvibe in forum *nix
    Replies: 8
    Last Post: 26th June 2008, 12:38 PM
  2. New eeePC contender from VIA
    By SYNACK in forum Netbooks, PDA and Phones
    Replies: 6
    Last Post: 1st June 2008, 10:35 PM
  3. The Asus eeePc
    By Pete10141748 in forum General Chat
    Replies: 10
    Last Post: 1st May 2008, 10:42 AM
  4. HP Get on the eeePC bandwagon.
    By Geoff in forum Hardware
    Replies: 0
    Last Post: 9th April 2008, 10:31 AM
  5. eeePC possible problem
    By localzuk in forum Hardware
    Replies: 5
    Last Post: 22nd February 2008, 10:47 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •