Setting up separate network question
Ben Scott
dragonhawk at gmail.com
Wed Mar 19 13:04:12 EDT 2008
On Wed, Mar 19, 2008 at 11:01 AM, Labitt, Bruce
<labittb1 at tycoelectronics.com> wrote:
> One of the reasons originally given to me was "they" did not want the possibility
> of ever having a DHCP server [mine] getting attached to the corporate network.
A rogue DHCP server can wreck all sorts of havoc on to a network, so
that's a reasonable fear.
Of course, the real danger scenario is some luser (not you) buying a
SOHO router, and plugging their corporate LAN drop into the "local"
side, thinking that's all they need to do to gain an extra LAN port.
You actually know at least the basics of what you're doing, and asked
first. So you get punished, while the luser scenario is still
possible
> I don't blame them, but I would think there are alternate ways to ensure this.
With a good managed switch, it's possible to do things like
broadcast suppression or MAC address access control. (That would also
prevent the luser scenario described above.)
> Maybe sometime I'll actually get to do some work on this. ;)
Heh. Story of my life. :)
-- Ben
More information about the gnhlug-discuss
mailing list