On Mon, 3 Aug 1998 02:05:27 -0400 (EDT), <[EMAIL PROTECTED]> wrote:
>With all the fuss over detecting and configuring the second ethernet
>device, why not just use one. Enabling "Network aliasing
>(CONFIG_NET_ALIAS)" and "IP: aliasing support (CONFIG_IP_ALIAS)" in your
>kernel with some minimal configuration allows you to use both your
>internal and external networks simultaneously. I use this, and masq
>between my internal and external networks with no problem. if anyone would
>like any help with this, I'd be glad to assist.
Doing this broadcasts your internal network out to your external network. If
someone found out the internal address of your IP masq gateway (not too hard to
figure out), they could access your internal network. They could use a denial
of service attack to block your gateway while at the same time acting as your
own gateway to get access to your internal network. Effectively, they could
just step to the side to get around your firewall.
Allowing internal private addresses to share the same wire as a larger network
is often considered rude and/or sloppy. Say your network is 192.168.10.255; if
someone else on your external network also did the same as you are doing using
the 192.168.10.255 address space, you'd both get frustrating conflicts that
would take a long time to figure out.
-----------------------------------------------------------------------------
Edward C. Lange "Hey! Who took the cork off my lunch??!"
[EMAIL PROTECTED] -- W. C. Fields
-----------------------------------------------------------------------------
http://www.kirch.net/unix-nt.html
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
For daily digest info, email [EMAIL PROTECTED]
