Re: [K12OSN] Open-mosix question

Daniel Bodanske (danielbo@clickta.com)
Thu, 18 Apr 2002 22:11:30 +0700

Messages sorted by: [ date ][ subject ][ author ]
Next message: Paul Nelson "Re: [K12OSN] ip forwarding"
Previous message: Guy Lessard "Re: [K12OSN] Planning for Summer/ssh"

Julius Szelagiewicz wrote:

>Daniel,
>	exposure of the network on the switch doesn't have to be a
>problem. make sure you don't allow telnet into the servers, only ssh. this
>hides the passwords. being on the 10.x.x.x network is just fine, since you
>can put bootable stations anywhere threr is a network connect.
>	route add in fine, even if it feels like a hack. if you decide to
>firewall your setup, you'd need route delete default ...., route add
>default .... to access outside world, but from your letter i gather it
>would be asier to keep everything on the same 10.x network. you are
>not running 2 different networks on the common physical segment, right?
>julius
>
Julius,
Some background: the university sets the IP protocol like this -- 
10.{building#}.{floor}.{machine}, which is nice.  I don't understand, 
however, why they insist on having the gateway, dns, and proxy on the 
true IPs (202.29.26.1-5 are the proxies), and won't alias them or 
something.  I also don't understand why windows doesn't have a problem 
with this, even though the IP is 10.2.2.1 netmask 255.0.0.0.  If anyone 
can answer that one for me...
I'm the one that has a real problem with the lack of something between 
us and the rest of the university.  If I'm feeling generous, I say I 
don't want to pollute the netwok with our Xserver traffic, although 
netbooting from downstairs  or the listening lab is nice for me.  If I'm 
in a bad mood, however, it is because the entire university is 
unlicensed Win98 machines rife with Nimbda et.al.  It's like Soi Cowboy* 
out there, and I don't need the lists of banned IPs every day in my 
server logs. We get about 10kb/sec of portscans right now, per machine. 
 I don't want that pollution in my lab, either.
I take it, then, that route is my friend, and not my ignorant hack?  I 
was going to use BBIagent as the router, but I don't think I can use 
route with it now.  Any suggestions for the  4 year newbies out here?
Dan

* Upon rereading my email before sending (you believe that's a second 
draft?) I realize you won't understand this == the most infamous 
prostitution spot in Bangkok




_______________________________________________
K12OSN mailing list
K12OSN@redhat.com
https://listman.redhat.com/mailman/listinfo/k12osn
For more info see

Next message: Paul Nelson "Re: [K12OSN] ip forwarding"
Previous message: Guy Lessard "Re: [K12OSN] Planning for Summer/ssh"