Archived from groups: (
More info?)
On Mon, 19 Sep 2005 17:28:13 -0400, William P. N. Smith <> wrote:
>[Yeah, fuzzy thinking, but you get the idea. Least, I think we do,
>Jeff would disagree, but I'm not sure how to get Newless Cluebies to
>give us any more detail than they do. I tend to state my assumptions
>given the limited information given and present an answer based on my
>assumptions.]
Sigh. Prying information out of people with tech wireless questions
is frustrating. I can understand not disclosing locations, static
IP's, logins, and passwords but why this anonymity craze is being
extended to hardware makes, models, and versions is beyond my limited
imagination. It's a bit like the browser cookie "threat", where
paranoia rules over any attempt to understand how cookies actually
work. Anyway, I've tried being polite, diplomatic, humiliating,
humorous, vicious, and irate, without any noticeable effect. I would
not expect beginners to have an extensive technical vocabulary. I do
expect them to supply enough information to get a decent answer.
Perhaps it's time to write an FAQ as this nonsense is getting old.
Anyway, we have a local wireless ISP that uses non-routeable, RFC1918
style IP addresses in the 10.xxx.xxx.xxx range. Managing this mess
was declared to be a challenge, so the least organized person involved
was drafted into assigning IP addresses and managing the list. That
was me until recently. Currently, it's about 40 /24 subnets in about
5 VLAN's. Each user has two IP's, one for the wireless and one for
the router. There are also about 15 devices on the network. Keeping
the IP's straight is a pain.
The major problems are users that want to assign their own IP's, as in
this example. A new IP appears out of nowhere and usually causes
problems. I use arpwatch to check for any suprises and conflicts.
About a month ago, someone decided to reconfigure their router so that
their IP address was the same as the gateway router. Since the MAC
address was new, I just blocked it by MAC address at the gateway and
waited for the phone to ring. 10 minutes later, the complaint arrived
and I got to practice primal scream therapy at the bozo. It was a
computer professional with many years of experience that should have
known better.
On systems that I maintain, NOBODY assigns IP addresses without first
asking me or at least telling me shortly afterwards. That included
the boss at one company that I locked out until his appointment
schedule allowed me to explain the problem. He was angry. I was
angrier.
If someone were to assign their own IP address on one of my systems,
they will be presumed to be an attacker and treated accordingly.
--
Jeff Liebermann jeffl@comix.santa-cruz.ca.us
150 Felker St #D
http://www.LearnByDestroying.com
Santa Cruz CA 95060
http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558