Re: doc question on private network IP allocation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Fri, Oct 14, 2011 at 06:06:38PM -0700, Paul Allen Newell wrote:
> Thanks for the email replies.

Thanks, always try to help.

> The take I come away with from your three 
> emails is:
> 1) assume *.0 and *.255 are reserved,

Not just reserved--absolutely committed to their definition.

> 2) there is no standard, just personal conventions -- ...

Pretty much, yes.

> ...and that a group using a router should have a convention,

Well--the router address isn't just convention; if everyone doesn't use the
assigned address, it won't work.

If you're talking about any organization, or even private network, should
have an addressing convention, I'd say yes, definitely.

> and 3) let DHCP handle it if possible.

That's definitely true for dynamically assigned devices--generally,
workstations.

> The important thing to me is that they are on WPA2 and have both a rich 
> key and admin password.

Now that's a totally different can'o'worms--you're talking wireless
requirements, which is layered on top of the network conventions.

> All I have to do is convince them to do MAC access filter list and
> I'll be happy.

There's some disagreement on this issue--essentially, just how useful are
MAC access filters?  Given that the MAC addresses can be sussed out by
sniffers, and it's trivial to assign arbitrary MAC addresses on most, if
not all, wireless devices, there are those--myself included--that think
it's a bit of security by obfuscation.  Others argue that even that makes
the crackers lives a bit harder, so it's worth it.

I suppose it depends on the size of your organization.  For a home network,
or a small business network with few wireless users, it can't hurt and may
help a bit to use MAC access filters.  For any organization that has a
significant wireless population, the administrative headaches will probably
quickly outweigh any advantage MAC filtering offers.  This is definitely
$0.02, YMMV territory.

Cheers,
--
	Dave Ihnat
	dihnat@xxxxxxxxxx
-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux