l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
September 2: Social gathering
Next Installfest:
TBD
Latest News:
Aug. 18: Discounts to "Velocity" in NY; come to tonight's "Photography" talk
Page last updated:
2001 Dec 30 16:57

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] ipchains/firewall question
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] ipchains/firewall question



On Wed, Oct 18, 2000 at 05:42:31PM -0700, Ted Deppner wrote:
> With all due respect...
> 
> I cannot fathom why you are discussing blocking 192.0.0.0/8 or 19*.*.*.*.
> This indicates a basic lack of understanding about IP routing, netmasks,
> and (drum roll) an appropriate network design.
> 
> Either you are being silly (which makes for a short career in the
> firewalls field), or you really shouldn't be building firewall rulesets.
> 
> As Micah mentioned the internal network space is 192.168.0.0/16 and
> should be blocked from reaching the world, or the world reaching in to
> you.  Other spaces are 10.0.0.0/8 and 172.16.0.0/26.
> 
> Also, rather than removing access from 19*.*.*.*, you should probably
> focus on what you will allow, with a default of deny.

Hardly necessary commentary, Ted.  I'm imagining right now that
you haven't really been following this thread - he's not setting up
a router or a "real" firewall - he just doesn't want network traffic
from the rest of the school interfering with his Beowulf cluster.

Micah


LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
O'Reilly and Associates
For numerous book donations.