[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Tiger: how to disable Bonjour service?

Subject: Re: Tiger: how to disable Bonjour service?
From: Stuart Cheshire <email@hidden>
Date: Fri, 10 Jun 2005 12:59:35 -0700
Delivered-to: email@hidden
Delivered-to: email@hidden

>It does turn off Bonjour, but also AFP, system.log says:
>
>Jun  8 10:52:06 Gnarlodious-PowerBook DirectoryService[43]: DS (Bonjour)
>couldn't register [NSLUseMachineNameForRegistration] (afpovertcp) due to an
>error: -65537!
>
>Also, eppc and a few other network protocols are also disabled. Is this
>supposed to happen? Startup is also delayed at least a minute as it waits
>for disabled network to appear.
>
>This doesn't seem right. Any more advice? I only want disable broadcasting.
>
>-- Gnarlie

I think the problem you're running into is that over time, more and more 
networking applications are being written to take advantage of the 
ease-of-use that Bonjour provides. When you take it away, they stop 
working. It's a bit like wanting to be able to disable ARP, or TCP, but 
still have networking applications continue to work just the same.

In a non-obvious way, disabling Personal File Sharing is probably in fact 
exactly what they really want. When LANL say they "considered it a 
security risk", it's not Bonjour per se that they're talking about, but 
all unauthorized networking services people might run on users' machines. 
When a user turns on Personal File Sharing, that's a potential security 
risk if the password is not strong, and may well contravene LANL policy. 
Bonjour doesn't change the security risk of Personal File Sharing, but it 
does make it harder for someone violating LANL policy to turn on Personal 
File Sharing and just hope that no one will notice.

If LANL says they want Bonjour disabled, I think what they mean is that 
they want to prohibit people from running *all* unauthorized network 
services on their machines, not that it's fine for people to run illicit 
network services just as long as no one notices.

Stuart Cheshire <email@hidden>
 * Wizard Without Portfolio, Apple Computer, Inc.
 * www.stuartcheshire.org

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Bonjour-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/bonjour-dev/email@hidden

This email sent to email@hidden

Follow-Ups:
- Re: Tiger: how to disable Bonjour service?
  - From: Gnarlodious <email@hidden>
- Re: Tiger: how to disable Bonjour service?
  - From: Gnarlodious <email@hidden>

Prev by Date: Re: Deployment on Windows client
Next by Date: (no subject)
Previous by thread: Re: Tiger: how to disable Bonjour service?
Next by thread: Re: Tiger: how to disable Bonjour service?
Index(es):
- Date
- Thread

Home