advice wanted on structuring LAN + internet

David P. Schwartz davids@desertigloo.com
Wed, 27 Dec 2000 12:31:19 -0700 

Look guys, I'm a software developer, and I'm not yet well-versed in the nuances of programming to datacomm APIs.  I'd prefer to leave the web
Admin duties to somebody else.  At the moment, I'm sorta stuck with handling them myself.  So it's fun to see y'all arguing over details I
never would have thought of :-)

Qwest says you get 5 usable IPs out of a block of 8.  They don't offer an explanation -- you're supposed to know that.

-David

George Toft wrote:

> Hi David,
>
> "David P. Schwartz" wrote:
> >
> > George Toft wrote:
> >
> > > First method requires:
> > > - one IP addr;
> > > - You to maintain firewall;
> > >
> >
> > Usually, static IPs come in a block of 8.  Five are available for use.  I'm not sure how many need to be dedicated to the server, but I'm
> > sure one is available for the LAN.
>
> Hmmm...
>
> If you get a block of eight, the first is your subnet number, and the
> last is your broadcast address, leaving six for use.  I wonder why
> you only get five to use?
>
> >
> > > Second method requires:
> > > - two IP addr from ISP ($$$);
> > > - You to trust D-Link to write good firewall rules.
> >
> > These things basically block all incoming requests unless you tell them to open specific ports.  It's in ROM, so there's nothing to hack
> > or bypass.
>
> <rant>
> And there has never been a security exploit in any OS, right?  There
> has never been a vulnerability in Cicso IOS, either (boaahahaha).  How
> do you update a ROM when some cracker finds an exploit to the D-Link
> OS and all the script-kiddies come knocking.  Surely D-Link has
> thought of this, so what do you do?  Buy new ROMs, or a new router?
> Maybe it's flash ROM and you can update it from their website, which
> brings me back to vulnerabilities - ever hear of the Chernobyl
> (W95.CIH) virus or the Millennium Internet Worm?
>
> No thanks - I'll stay with something I control and I can update.
> </rant>
>
> George
>
> [snip]
>
> ________________________________________________
> See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't post to the list quickly and you use Netscape to write mail.
>
> Plug-discuss mailing list  -  Plug-discuss@lists.PLUG.phoenix.az.us
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss