Hello I will try to answer (at list partly)
Students have access from the Technion to the internet, so they can investigate it (and in special cases, when research demands it, we take care for exceptional access) In a large system, you can't let users do whatever they want, you must protect your network. For example you will not let a user build & run a DNS server on the corporate network, you will give him a limited private network. If a Technion user misbehaves on the internet, it may block all the Technion from access to some sites. We would like to prevent it. If a student builds a web server, and the web server is open to the world, the student can use the server as a back door for anonymous entrance to the Technion via his server. To prevent this we limit the scope of access. To control all communication, you need a firewall that monitor communication on the session level and not at the port & protocol level and you need advanced analytic tools. This cost a lot of money, and not always available. 20 years ago the internet considered a safe place, today it isn't so you must limit access. Shahar -----Original Message----- From: Nadav Har'El [mailto:n...@math.technion.ac.il] Sent: Sunday, October 21, 2012 3:57 PM To: Orna Agmon Ben-Yehuda Cc: Shahar Dag; IGLU Mailing list Subject: Re: where to host web server On Sun, Oct 21, 2012, Orna Agmon Ben-Yehuda wrote about "Re: where to host web server": > I think it is not a question of resources, but of policies and > firewall ports. The Technion does not allow any SMTP servers that are > not controlled by the system team, for example. Look, specific policies about port 25 (SMTP) serve to solve a very specific problem (spam bots) and the collateral damage is small (students and faculty can't experiment with writing new mail servers). This is quite a different thing than a broad policy that no student-accessible computer in the technion may allow incoming connections. That prevents development of all sort of Internet services, protocols, and so on. I don't think I need to give here a list of Internet protocols and servers which were developed in universities, and would not have had the universities were so unnecessarily-strict back then. The smallest example would be my very own "almost complete guide to the Israeli Internet", which some of you may remember as my index of Israeli web sites in the early 1990s, which I created as a student and I learned *a lot* from this experience. Today, I guess, the Technion would frown upon such enterprise. Twenty years ago, people thought it was great that students learn about the Internet and create new things... Anyway, the original poster demonstrated why this policy is nothing but stupid: Here he wants to teach students something, and can't because of Technion policies, so he needs to turn to external companies to do this. How does this make any educational sense? -- Nadav Har'El | Sunday, Oct 21 2012, 5 Heshvan 5773 n...@math.technion.ac.il |----------------------------------------- Phone +972-523-790466, ICQ 13349191 |This box was intentionally left blank. http://nadav.harel.org.il | _______________________________________________ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
