[jrockway]

Because we're living in an alternate universe where there's no such thing as VLANs?

[shell0x]

True, I we use a MAC Filter at work. If your MAC isn't in a whitelist, then the port get blocked. They took the file sharing a bit too seriously..

[ams6110]

I know of one software shop locally where the dev and build machines are on a complete network island. No external access at all. If you need to google something you need to use a different computer connected to the public internet. A bit inconvenient, but not unworkable. Devs have a laptop or tablet for public browsing, and their actual work takes place on the "clean room" network.

[SoftwareMaven]

We have a handful[1] of secure machines that are allowed to SSH into production systems. No development or other Internet activity takes place on those boxes.

[1] A handful because many of us are remote. Mine is a EeePC.

[shell0x]

Sounds good :-) Do you use Linux on this EeePC?

[SoftwareMaven]

Of course. It's kind of a requirement at KSplice[1]. :)

1. http://www.ksplice.com/

[s_henry_paulson]

Except for MAC filters aren't relevant to this situation at all. Private VLANs, however, are.

A VLAN would keep these computers on their own network, and firewalls could be set up on the network side to prevent this stuff from happening.

A MAC filter would do nothing in this situation, because you are using their computer. Even if you had a MAC filter, these computers would be white-listed anyway.