IP address conflicts

Ted Mittelstaedt tedm at toybox.placo.com
Mon Sep 27 20:20:51 PDT 2004



> -----Original Message-----
> From: owner-freebsd-questions at freebsd.org
> [mailto:owner-freebsd-questions at freebsd.org]On Behalf Of Matthew Seaman
> Sent: Monday, September 27, 2004 2:22 AM
> To: Tim Aslat
> Cc: freebsd-questions at FreeBSD.ORG
> Subject: Re: IP address conflicts
>
>
> On Mon, Sep 27, 2004 at 08:51:47AM +0930, Tim Aslat wrote:
>
> > I have an annoying situation in a school I do casual work in their IT
> > department.  There are a number of individuals within the system who
> > think it's funny to allocate an IP address on a workstation identical to
> > the network's proxy/web/mail servers.  What I'd like to know is, would
> > there be any way of preventing this short of spending quite a lot of
> > money on managed switches an the like?
>
> Well, you could move all of the servers onto a separate network to any
> of the individual client machines (and make sure that the server
> network isn't accessible from any of the network ports your clients
> have access to, clearly).  That way, even if one of your pet idiots
> decides to 'borrow' a server IP address, the network routing means
> that all they are going to do is hurt themselves.
>

You must want to HELP the little shits then.

Think of this for a second.  Right now he has maybe 4-5 different servers
that
people are putting the IP numbers on.  Once you move all those servers onto
a
separate subnet, now all the little twits have to do is put the IP number of
the gateway router onto their systems, then the entire subnet that ALL the
servers are on becomes inaccessible.

Ted



More information about the freebsd-questions mailing list