MAC addresses, hostnames, and DHCP
Paul Lussier
p.lussier at comcast.net
Thu Dec 1 11:38:08 EST 2005
Travis Roy <travis at scootz.net> writes:
> But why have the same IP on two different MACs? or even the same hostname?
As a matter-of-fact, it's a very BAD idea to have your wireless NICs
on the same network as your wired NICs. Wired networks have a level
of security you can never achieve with wireless. Therefore, the
"Right Thing" to do is have your wireless network be completely
separate from your wired network and be off of your DMZ. If they need
to get "inside" from the wireless net, then, for clueful users, tell
them to use SSH. If your ratio of clueful to clueless is too low,
then it's time for a VPN.
And *that* means you should put all your completely untrustworthy
systems which need to be accessed by these clueless people on a
totally separate and and isolated subnet so that when they access this
stuff from home using the VPN and infect their Exchange server, your
clueful users don't suffer :)
--
Seeya,
Paul
More information about the gnhlug-discuss
mailing list