[Nottingham] Avahi, Zeroconf, UPnP

Fay Knight fay_knight at zoho.com
Thu Jan 17 17:00:21 UTC 2019 

Sounds like an interesting discussion but once again I have to send apologies - have another meeting in Derby this evening that I need to get to.   I'll try and make it to a meet-up soon.   

Fay 

On 17 January 2019 15:46:54 GMT+00:00, Martin via Nottingham <nottingham at mailman.lug.org.uk> wrote:
>Vadim,
>
>Indeed, good to discuss tonight - see you there!
>
>
>Note that the demi-god Poettering is on record as considering the
>decades of proven unix philosophy as something to be ignored and that
>of
>maintaining compatibility with other services and systems outside of
>the
>Poettering world as something that is of no concern to him. The rest of
>the world are supposedly to reshape themselves around His System
>Image... Regardless of how that Image might arbitrarily change.
>
>Just one example of that for Avahi (+ the Zeroconf/UPnP system) is that
>multicast messaging can become borked...
>
>Also note that supposedly, as was told to me upon many an occasion by
>various MSCE people, that "Microsoft Best Practice" is to have
>everything on a single unrestricted network... That does seem to be the
>case considering the workarounds we needed to use a segmented set of
>networks with Windows servers!...
>
>(The Linux servers were perfectly fine about whatever networking :-) )
>
>Fun to be discussed over a few beers ;-)
>
>
>See ya there,
>
>Cheers,
>Martin
>
>
>MCSE: https://en.wikipedia.org/wiki/Microsoft_certifications
>
>
>On 17/01/2019 12:41, VM via Nottingham wrote:
>> I'll agree that there is sometimes undesired promiscuity of zeroconf.
>> Still, larger networks should be segmented by workflows and security
>> clearance with gateways proxying service discovery with filters
>defined
>> by the network admin.
>> Service discovery was not invented by Poettering et al. so I object
>to
>> putting avahi in the same group as systemd.
>> Something to discuss tonight :)
>> 
>> On 16 January 2019 16:13:15 GMT, Martin via Nottingham
>> <nottingham at mailman.lug.org.uk> wrote:
>> 
>>     On 15/01/2019 16:54, VM via Nottingham wrote:
>> 
>>         What's wrong with avahi? Poettering's last commit was in
>2012! It's
>>         modular and doesn't grow like cancer...
>> 
>> 
>> 
>>     In decades, I've never needed it nor wanted it. Similarly so for
>such as
>>     Zeroconf and UPnP... Worse still, they can cause great confusion
>and
>>     they can expose or even be the cause of vulnerabilities. There
>are
>>     repeated exploits "in the wild" of anything UPnP...
>> 
>>     In any case: Whoever uses a network without DHCP?! Unless that is
>you're
>>     already an uber-geek and you know that you are deliberately doing
>some
>>     sort of P2P.
>> 
>>     On home networks with few devices and only one user, that trio of
>>     silliness might be benign enough. In the workplace with multiple
>devices
>>     desperately offering services promiscuously to anything and
>everything
>>     on a network, they can be hilariously bad for the silliness that
>then
>>     ensues...
>> 
>>     It is far less confusing to have the human aware and in control
>of what
>>     connects to what, and if and when they want it to. That can still
>be
>>     'simple' for people and without any need of dumbing things down
>to
>>     assumed monkeys.
>> 
>> 
>>     Cheers,
>>     Martin
>> 
>> 
>>     See:
>> 
>>     https://en.wikipedia.org/wiki/Avahi_(software)
>> 
>>     https://en.wikipedia.org/wiki/Zero-configuration_networking
>> 
>>     https://en.wikipedia.org/wiki/Universal_Plug_and_Play
>> 
>> 
>> --
>> vadim at mankevich.co.uk PGP key fingerprint
>> 0xC046022A3A91455AF0C9BB2404BF882B1905C772
>> Retrieve from https://keybase.io/vmankevich
>> 
>> "When we take away the right to figure out if something bad is going
>on
>> in our computers, the inevitable consequence is that bad things will
>> happen in our computers." (Cory Doctorow)
>
>
>
>-- 
>Nottingham mailing list
>Nottingham at mailman.lug.org.uk
>https://mailman.lug.org.uk/mailman/listinfo/nottingham

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.lug.org.uk/pipermail/nottingham/attachments/20190117/22d5be16/attachment-0001.html>

More information about the Nottingham mailing list