hi ya martin
-- donno if you are looking for answers... or if you are looking for flame
wars ...
-- lets seee ... simple quickie answers...
if you have 20 PCs...you use a mask for 32 machines... 12 of um
will be unused ... that youhave to protect somehow...
make a dummy server, that answrs to those 12 ip#
-- if someone disconnected their laptop and another person connects
their laptop ...
- as long as people have phycial access to your lan...
you already been compromised ...
- lockit down ...more .... move laptops to a special
insecure lan
- you can allow only certain mac addresses to connect but...
mac access can trivially be changed to something that is accepted
- broadcast mask, net masks, etc...
typical class C 128 ip# for 4 ip#
ip# range w.x.y.{0-255} w.x.y.{0-127} w.x.y.{4,5,6,7}
w.x.y.{128,25}
w.x.y.{32,33,34,35}
network w.x.y.0 w.x.y.0 w.x.y.4
w.x.y.128 w.x.y.32
broadcast mask w.x.y.255 w.x.y.128 w.x.y.4
netmask 255.255.255.0 255.255.255.128 255.255.255.252
for more info... search google for "subnetting"
c ya
alvin
On Mon, 8 Oct 2001, martin f krafft wrote:
> * Alvin Oga <[EMAIL PROTECTED]> [2001.10.06 20:51:04-0700]:
> > if one has a class-C ip# ..and only using 20 ip# out of the range..
> > it is easy for someone to plug in an unauthorise machine into
> > your network... and sniff anything they like..
> >
> > - so to prevent that... i disable dhcp ... and use the proper
> > broadcast and netmasks needed to eliminated un-used ip# that
> > could be used by floating laptops
>
> please tell me how you choose a netmask such that your 20 computers
> occupy all IPs and there are none left for laptops.
>
> also, then please tell me how you prevent someone from temporarily
> switching his laptop in for one of the machines by using the machine's
> cable.
>
> and then tell me how you use the proper broadcast *and* netmask? broadcast
> is a function of a single IP and the netmask.
>
