Page 2 of 2 FirstFirst 12
Results 11 to 17 of 17
  1. #11
    Untangler
    Join Date
    Jun 2018
    Location
    Pacific Northwest
    Posts
    52

    Default

    Quote Originally Posted by f1assistance View Post
    A couple questions immediately come to mind:
    1) If you are NOT using Untangle at home, why?
    2) If you're using Untangle, why would any of 'your devices' connecting to the internet outside your domain not use OpenVPN and always stay within your control (e.g., deny a change in system configuration)?
    3) If you're using Untangle, and you have devices which regularly connect to the internet outside your domain without OpenVPN, why do you allow such a promiscuous device(s) to again connect back with your domain?
    4) Do you provide a separate subnet for the promiscuous devices?
    Security is serious, and should be taken seriously! The school district's IT clearly doesn't understand security because a solution of system change to achieve said security for promiscuous devices is wrongheaded.
    What are you not telling us and leaving out of your scenario?
    Hi! I'm Ben, glad to meet you.

    1) I am using Untangle at home - figured that was fairly obvious from my mention of dnsmasq, and oh yeah - posting in the Untangle Networking forums.

    2) As I stated in my original post, not my device - owned by the local school district, and issued to my child. Any attempts to "break" that configuration results in a hefty bill ("you broke it, you bought it,") and possible repercussions for the child, up to expulsion.

    3) Again - devices from the kids school aren't under my control - I've recommended several times they implement a VPN solution in concert with InTune for management, but I'm "just a parent." Oh, and none of these devices connect to my domain or access domain resources.

    4) I agree, security is definitely serious. I'll let you and the school district's IT department have that conversation.

    What I'm not telling you and leaving out is none of your business, since I'm not providing info like my external IP, what DNS servers I point to as forwarders, etc. If I decide to hire you as a network security admin, I'll be in touch.

    Have a great Monday!
    Jim.Alles and f1assistance like this.

  2. #12
    Untangle Ninja
    Join Date
    Feb 2016
    Posts
    1,135

    Default

    Quote Originally Posted by Synical View Post
    I'm thinking the lack of teacher emails and Schoology updates over the weekend indicate it was a system wide push, so they'll likely get an earful tomorrow.
    I confess it's just curiosity, but it would be interesting to hear how this is playing out. I'd think a little parental/taxpayer and school staff/taxpayer wrath would be in order.

  3. #13
    Untangle Ninja f1assistance's Avatar
    Join Date
    Apr 2009
    Location
    Holly Springs, NC
    Posts
    1,495

    Default

    Quote Originally Posted by Synical View Post
    Hi! I'm Ben, glad to meet you.

    1) I am using Untangle at home - figured that was fairly obvious from my mention of dnsmasq, and oh yeah - posting in the Untangle Networking forums.

    2) As I stated in my original post, not my device - owned by the local school district, and issued to my child. Any attempts to "break" that configuration results in a hefty bill ("you broke it, you bought it,") and possible repercussions for the child, up to expulsion.

    3) Again - devices from the kids school aren't under my control - I've recommended several times they implement a VPN solution in concert with InTune for management, but I'm "just a parent." Oh, and none of these devices connect to my domain or access domain resources.

    4) I agree, security is definitely serious. I'll let you and the school district's IT department have that conversation.

    What I'm not telling you and leaving out is none of your business, since I'm not providing info like my external IP, what DNS servers I point to as forwarders, etc. If I decide to hire you as a network security admin, I'll be in touch.

    Have a great Monday!
    Ah, so what you left out was the device is the schools and this now promiscuous device (of theirs) on your network, you're trying to understand...gotcha! There's much there, but I see I've pushed where I was unwelcome. drops mic
    Vanguard Untangle...because nothing's worse than doing nothing!
    -------
    2, Pentium (R) Dual-Core CPU E5300 @ 2.60GHz 2599.968, 2089.96MB RAM
    And building #7 didn't kill itself!

  4. #14
    Untangle Ninja
    Join Date
    Feb 2016
    Posts
    1,135

    Default

    Quote Originally Posted by f1assistance View Post
    Ah, so what you left out was the device is the schools...
    That's funny. The school's ownership of the device is implicit from the first post.

  5. #15
    Untangler
    Join Date
    Jun 2018
    Location
    Pacific Northwest
    Posts
    52

    Default

    Quote Originally Posted by Sam Graf View Post
    I confess it's just curiosity, but it would be interesting to hear how this is playing out. I'd think a little parental/taxpayer and school staff/taxpayer wrath would be in order.
    I checked this evening, and it's been updated to point at Securly's DNS servers (publicly available).
    Jim.Alles and Sam Graf like this.

  6. #16
    Untangle Ninja f1assistance's Avatar
    Join Date
    Apr 2009
    Location
    Holly Springs, NC
    Posts
    1,495

    Default

    Quote Originally Posted by Sam Graf View Post
    That's funny. The school's ownership of the device is implicit from the first post.
    Huh, "brought me her laptop"...I'll admit, you a s s u m e much better than I, dazzling! I've worked with clients who purchased a brand new laptop from their school and 'assumed' they owned it, only to find out they were unable (i.e., not permitted) to change any such network settings as long as they connected to the school's LAN, regardless of any other public/private connections made. If you can imagine it, some organization is doing it. Data is currency...thus the price of the device. Sometimes great deals are NOT so much. D'oh!
    Vanguard Untangle...because nothing's worse than doing nothing!
    -------
    2, Pentium (R) Dual-Core CPU E5300 @ 2.60GHz 2599.968, 2089.96MB RAM
    And building #7 didn't kill itself!

  7. #17
    Untangle Ninja
    Join Date
    Feb 2016
    Posts
    1,135

    Default

    Quote Originally Posted by f1assistance View Post
    Huh, "brought me her laptop"...I'll admit, you a s s u m e much better than I, dazzling! I've worked with clients who purchased a brand new laptop from their school and 'assumed' they owned it, only to find out they were unable (i.e., not permitted) to change any such network settings...
    And? The OP never mentioned buying anything. The point is, the school was in control of the device from post one. It wasn't a missing bit of information. Your wit and sarcasm notwithstanding.
    Last edited by Sam Graf; 01-28-2020 at 05:59 AM.

Page 2 of 2 FirstFirst 12

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2