Re: LAN access while VPN is up
From: Triffid (triffid_at_nebula.net)
Date: 11/03/05
- Next message: Triffid: "Re: LAN access while VPN is up"
- Previous message: Somebody.: "Re: Zywall 5 of Firebox X5"
- In reply to: Moe Trin: "Re: LAN access while VPN is up"
- Next in thread: Moe Trin: "Re: LAN access while VPN is up"
- Reply: Moe Trin: "Re: LAN access while VPN is up"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 02 Nov 2005 19:53:33 -0500
Moe Trin wrote:
> In the Usenet newsgroup comp.security.firewalls, in article
> <vcV9f.4903$LF3.485510@news20.bellglobal.com>, Triffid wrote:
>
>
>>Cute - so they look like broadcast addresses until you check the mask.
>
>
> Most people swear that they _are_ broadcasts - and ignore the netmask as
> a typo, because everyone knows the only masks are /24, /16 or /8. ;-)
>
>
>>The bigger issue is screen real estate - the laptop has SFA,
>
>
> ?SFA? Star Fleet Academy? ;-)
Sweet Fsck All ;-)
>>while my desktop has 2 x 19". I'd be more efficient using the desktop
>>for documentation, and the laptop for remote system configuration.
>
>
> I don't have the desk space to put more monitors - I've got a 15 inch on
> the company box, and a 20 on the desktop. The wife's workstation has a
> similar layout. I'm running X on these systems, so I can be running a
> lot of tasks at the same time (there's 20 nxterms open on the big one,
> and 9 on the company box). That gives me enough effective space.
You might feel differently if you did all your work from home, as
opposed to mostly firefighting ;-)
>>OK, I'm procrastinating. It's ~14 systems using DHCP reservations on the
>>Netscreen - maybe 30 minutes, plus a few more restarting Samba on the
>>file server to avoid resetting it's nice uptime counter.
>
>
> I don't use Samba - does it keep it's own timer? If it's just the box
> itself, I'd expect it to just be restarting services - no need to reboot
> for that.
No, I'm referring to OS uptime. Restarting services _should_ be
sufficient, but anomalous behavior has been a problem in the past. After
all, Samba _is_ emulating M$ Networking, and generally does a fine job -
so one can forgive a few foibles that may well be down to the windoze
clients in any case.
I have the windoze boxes set to Ghost themselves to the file server
every 4 hours, so if the kids contract something nasty I just roll back.
Setting it up was a pain - Ghost had no problem saving to real windoze
or Samba, but could only restore from windoze - claimed the file I just
browsed to didn't exist when I tried to restore from Samba.
Symantec support promptly dropped the ball ("Samba is not supported").
It turns out Ghost sets irrational file permissions which windoze
"fixes" automatically, but Samba has to be told to do so via a mask.
>>Status Quo satisfies current company requirements - but there are
>>potential advantages to segregating all *my* systems against whatever
>>the kid's windoze boxes might unleash. Teenagers are quite the challenge
>>when it comes to user awareness training.
>
>
> No kids here, but I know what you mean.
#1 son just left, wanted me to type the admin password on his box so he
could install some P2P cruft. I told him I'd research the risks on the
weekend and then we'd discuss it...
Triffid
- Next message: Triffid: "Re: LAN access while VPN is up"
- Previous message: Somebody.: "Re: Zywall 5 of Firebox X5"
- In reply to: Moe Trin: "Re: LAN access while VPN is up"
- Next in thread: Moe Trin: "Re: LAN access while VPN is up"
- Reply: Moe Trin: "Re: LAN access while VPN is up"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
