[olug] DNS lookups lagging?

Kevin sharpestmarble at gmail.com
Wed Aug 27 21:00:53 UTC 2008


They'd also be running a DHCP server from plugging the public cable
into a private port. I think that that would be something that your
provider would cut you off for(if they don't have some other way of
keeping DHCP traffic from reaching other systems).

On Wed, Aug 27, 2008 at 3:13 PM, Sam Tetherow <tetherow at shwisp.net> wrote:
> These can come from a couple of places.  People really do plug stuff in
> backwards especially if it stops working for some reason.  They unplug
> stuff, plug it back in and then decide they need to call, usually a
> couple of days later.  Meanwhile they are spewing private IP all over.
>
> Another problem is cheap routers will leak.  Usually a power cycle will
> fix them most likely it is memory corruption from too many ARP records.
>
>    Sam Tetherow
>    Sandhills Wireless
>
> Rob Townley wrote:
>> i like NAT as well, but have always had concerns about leakage.  Most of us
>> probably have the following:
>> internet <> CableModem <> NAT <> servers and workstations
>>
>> 192.168.*.* is not supposed to be leaked out of your router, but then how is
>> it that we can ping and open 192.168.100.1 which is the web page of the
>> Cable Modem?  Ever done a packet capture on a hub connecting your NAT's WAN
>> port and Cable Modem?  There can be tons of leaked private addresses.  A
>> long time ago on cox at home connection, would have all sorts of 192.168.*.*
>> that must be your neighbors or cox infrastructure.
>>
>> On Tue, Aug 26, 2008 at 11:50 PM, DYNATRON tech <dynatron at gmail.com> wrote:
>>
>>
>>> my router's firewall works just fine.
>>> just in case, i also set my toaster's gateway address to 127.0.0.1
>>>
>>>
>>>
>>> On 8/26/08, Will Langford <unfies at gmail.com> wrote:
>>>
>>>>> NAPT is not supposed to "protect" you in any way. It's just a hack to
>>>>> workaround the limitations of the small IPv4 address space. It would be
>>>>> perfectly valid for a NAPT router to attempt to automate port
>>>>>
>>> forwarding
>>>
>>>> by
>>>>
>>>>> passing on an unknown port to *all* systems and giving it to the first
>>>>>
>>> to
>>>
>>>>> ACK
>>>>> it-- which means Nigerians could still get to your toaster without a
>>>>>
>>>> proper
>>>>
>>>>> firewall in place.
>>>>>
>>>>>
>>>> As a quick shrink wrap solution that works for 90-95% of ppl, nat/masq
>>>>
>>> does
>>>
>>>> great as a firewall deal .
>>>>
>>>> When everything gets globally aware,  I sincerely hope they do something
>>>> more along the lines of a universal home server that everything talks to
>>>> (or
>>>> similar)... I'd rather secure one device than hundreds.  Who's going to
>>>> provide that single server ? Hah, would I like to be the one :).  $$$$!!!
>>>>
>>>> -Will
>>>> _______________________________________________
>>>> OLUG mailing list
>>>> OLUG at olug.org
>>>> https://lists.olug.org/mailman/listinfo/olug
>>>>
>>>>
>>>
>>> --
>>> dynatron digital services
>>> box 191 - 68037
>>> www.dynatron.org
>>> dynatron at gmail.com
>>> _______________________________________________
>>> OLUG mailing list
>>> OLUG at olug.org
>>> https://lists.olug.org/mailman/listinfo/olug
>>>
>>>
>> _______________________________________________
>> OLUG mailing list
>> OLUG at olug.org
>> https://lists.olug.org/mailman/listinfo/olug
>>
>
> _______________________________________________
> OLUG mailing list
> OLUG at olug.org
> https://lists.olug.org/mailman/listinfo/olug
>



More information about the OLUG mailing list