Hacker News new | past | comments | ask | show | jobs | submit login

I was an huge fan of newsgroups in the past, but unfortunately NNTP was blocked from my university campus network. Then I setup a NNTP server in parents house running as OpenVZ VM in an old PC and I was able to access through SSH. I never understood why SSH was permitted and NNTP forbidden.



The general issue is that some protocols have a hundred uses and if only one of them is mission critical, then it can't be blocked. SSH surely fits that description.

NNTP only has one purpose, sharing information (human to human). It's doubtful that any mission critical application needed it. Once IT saw that NNTP traffic had significant traffic and was throttling other traffic (or just expensive), they knew they could shut it down easily and therefore they did.


They should restrict SSH only to the permitted sources and destination then. Leaving SSH open is a big security risk, because you are barely permitting any kind of traffic. I think that people managing the university network at that time was not so great: for couple of years, the DHCP assigned you a public, unfiltered IP address and the password policy for accessing Internet was very easy to infer (take the last digit of your student ID, remove it and sum to the first digit). And you can easily find online a student ID of someone else.

I remember people putting desktop PC in the lockers with ton of warez and P2P to the world with the ID of someone studying architecture or medicine.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: