LISTSERV - SCIENTIFIC-LINUX-USERS Archives

SCIENTIFIC-LINUX-USERS Archives

March 2016

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-USERS Home
	SCIENTIFIC-LINUX-USERS March 2016

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: snooping windows 10 - how to stop it on a linux gateway?
From:	Karel Lang AFD <[log in to unmask]>
Reply To:	Karel Lang AFD <[log in to unmask]>
Date:	Sat, 5 Mar 2016 11:09:42 +0100
Content-Type:	text/plain
Parts/Attachments:	text/plain (82 lines)

Hi Todd and all,
you wouldn't belive, how glad i would be to get rid off all windows PCs.

And if it was just because of regular office users, it would be 
happening. But, alas, in my LAN is sitting roughly like 350 Dell and HP 
workstations that run 'Catia', which is a CAD application for automotive 
industry - and there is no way this will run under wine or on KVM 
virtualized windows guests (sigh)...

With what jdow wrote - about the windows update server (that sits 
insided your LAN) acting like relay point, it is really hard/bad.

Really, only thing i can think of is as i said in my 1st post the so 
called 'DPI' - deep packet inspection, which is a method of packet 
filtering that functions at the Application layer and inspects packet 
payloads searching for defined pattern(s).

Thing is i need to know which pattern or string to search for (which i 
dunno).
I found on internet many posts trying to block the telemetry windows 
servers, but this is really not much elegant way and also not much 
effective, as these things can change very dynamically.

As i said, i'm not giving up yet and i'm gonna consult some network IP 
specialists.

with br,
Karel

-- 
*Karel Lang*
*Unix/Linux Administration*
[log in to unmask] | +420 731 13 40 40
AUFEER DESIGN, s.r.o. | www.aufeerdesign.cz

On 03/05/2016 10:09 AM, ToddAndMargo wrote:
> On 03/04/2016 08:16 PM, Karel Lang AFD wrote:
>> Also the PCs must have internet access to email, http, https, ftp, sftp
>> - simply the 'usual' stuff.
>
> Hi Karl,
>
> All work marvelously user Fedora/RHEL.  It may be time for
> your to consider migrating off of Windows.
>
> I support Windows, Linux, Apple.
>
> Apple is like an excruciatingly weird straight jacket.
>
> The quality and security issues involved with Windows takes
> my breath away, especially with all the Crypto Locker style
> viruses out there.  Yo are one eMail away from an absolute
> disaster.  And these viruses go after your backup too!
>
> With Linux, you will noticed that you are only assisting with
> programs and setting up features.  You will no longer be
> chasing your tail over quality issues, bad updates, spying,
> "Where's Waldo?", etc..
>
> You can make Xfce look like XP and KDE look like W7.  Nothing
> can make anything look as bad as Frankenstein and Sons
> (W8 and W-Nein).  I love Xfce just as it is.
>
> With Fedora/RHEL, there is none of this "w7 installer
> can't read USB 3 ports, so no keyboard or mouse" baloney
> to deal with.
>
> Where you get into trouble are Windows only business
> apps, such as Quick Bucks, oops, Quick Books.  Set up
> a KVM server and have them log into with Spice from
> their workstations.  (I prefer XP for such, it is
> more powerful and less buggy.  Plus no more idiot
> M$ updates to crash your next boot up.)
>
> And this profession starts to become fun again. And dead,
> dragging computer come back to life!
>
> -T
>

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV