RE: Non-IP Based Institutional Subscriptions?

Just a quick note on EZProxy. EZProxy is good in terms of internal and
remote ISPs having firewalls as it does not require the regular proxy
port (180) to be open.

We are currently investigating the possibility of implementing it here
however have serious reservations about it and most likely will not
implement it due to the following reason:-

For ease and convenience EZProxy requires the following record to be added
to the DNS (Domain Name Server) of your local network:-

Server Name		 Server IP

www.yourlibrary.com IN A
*.www.yourlibrary.com IN A

Using the first record everyone in the world knows that
www.yourlibrary.com goes to the associated IP and so all requests
on your network are then routed to the machine with the IP ..

However, the second record is needed to be added to the DNS for EZProxy
not requiring a separate port for authentication, where EZProxy randomly
gives a unique name for each request and so you need the * (wildcard) in
front of the server name so that all those requests are again routed to
your server.

The problem with the above however is that imagine the repercussions of
having such a record in the DNS. Now anyone in the world could have a name
of the sort baduser.www.yourlibrary.com and take over your IP for their
use.  They could go and hack machines all over the world and the blame
would come to your server or your network; would that be acceptable?

The above is just one example of what could be a potential problem,
however I could think up a lot more problems with this and so we are
trying to convince our libraries to stick with the traditional AutoProxy,
even though it may be a bit problematic with a few of the browsers.

My 2 cents..

For the above problem with EZProxy please see:-
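
Added example, not part of the original message: RFC 4592 wildcard matching in Python, showing which query names the two records quoted above would answer for. The address 192.0.2.10 is a constructed placeholder for the server IP the message omits, and the `login` record and 192.0.2.20 are hypothetical, included to show how an explicit name blocks the wildcard.

```python
# Constructed zone data: the two records from the message, with a
# documentation address (RFC 5737) standing in for the omitted server IP.
ZONE = {
    "www.yourlibrary.com": "192.0.2.10",
    "*.www.yourlibrary.com": "192.0.2.10",
}

def _labels(name):
    return name.rstrip(".").lower().split(".")

def _existing_names(records):
    """Every owner name plus its ancestors (empty non-terminals exist too)."""
    names = set()
    for owner in records:
        labels = _labels(owner)
        for i in range(len(labels)):
            names.add(".".join(labels[i:]))
    return names

def resolve_a(qname, zone=ZONE):
    """Return the A record a server holding `zone` would answer with, or None."""
    records = {".".join(_labels(o)): ip for o, ip in zone.items()}
    q = _labels(qname)
    name = ".".join(q)
    exists = _existing_names(records)
    if name in exists:
        # The name exists: only its own data applies, never a wildcard.
        return records.get(name)
    # Find the closest encloser: the longest ancestor that exists in the zone.
    for i in range(1, len(q)):
        encloser = ".".join(q[i:])
        if encloser in exists:
            # Only the wildcard directly below the closest encloser can match.
            return records.get("*." + encloser)
    return None

def audit(names, zone=ZONE):
    """Map each candidate name to the address it resolves to (None = no answer)."""
    return {n: resolve_a(n, zone) for n in names}

if __name__ == "__main__":
    # Hypothetical extra record: an explicit host under the wildcard.
    zone = dict(ZONE, **{"login.www.yourlibrary.com": "192.0.2.20"})
    for n, ip in audit(["www.yourlibrary.com", "x7f3.www.yourlibrary.com",
                        "a.b.www.yourlibrary.com", "mail.yourlibrary.com",
                        "login.www.yourlibrary.com",
                        "x.login.www.yourlibrary.com"], zone).items():
        print(f"{n:32} -> {ip}")
```

Every name the wildcard covers resolves to the same address as `www.yourlibrary.com` itself; names outside `www.yourlibrary.com`, or below an explicitly defined host, get no answer from it.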

