Firewall Wizards mailing list archives

Re: Proxy 2.0 secure?


From: John McDermott <jjm () jkintl com>
Date: Wed, 1 Jul 98 08:36:57


--- On Tue, 30 Jun 1998 04:52:40 -1000 (HST)  NetSurfer <netsurf () sersol com> wrote:


On Mon, 29 Jun 1998, Brian Steele wrote:

I don't know who you are quoting (I forget the orig poster, sorry), but my
problem with dynamic DHCP is less with the dynamic-ness than the short
leases. The issue is that if the leases are short (e.g. less than a few
weeks even), it is virtually impossible to track down a misbehaving system
because it is difficult to map between MAC and IP addresses. This problem
can be alleviated with long leases: I suggest a year or so.

Also remember that MS DHCP automatically gives the lease renewal the same
IP address unless the address is no longer available.  So long as the
address has not been given out to a different workstation (which should
only happen if the node had been down long enough for a new w/s to get the
IP) or had not been reserved (manually) the MAC <=> IP should behave
statically regardless of having a short lease.

Clearly.  The issue is that many (most?) folks who use dynamic DHCP with 
short leases do so because the number of machines is larger than the pool 
of free addresses.  This leads to the problem I noted.

Even though one can sift through logs to find the owner of an address at a 
given time, I still prefer really long leases or static addresses.


--
James D. Wilson
netsurf () sersol com

"non sunt multiplicanda entia praeter necessitatem"
   William of Ockham (1285-1347/49)


--john



-----------------End of Original Message-----------------

-------------------------------------
Name: John McDermott
VOICE: 505/377-6293 FAX 505/377-6313
E-mail: John McDermott <jjm () jkintl com>
Writer and Computer Consultant
-------------------------------------
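The log sifting mentioned in the message above, as an added example that is not part of the original post: it rebuilds per-address lease intervals so a (time, IP) pair from a firewall log can be mapped back to a MAC. The log format, event names and addresses are constructed assumptions, not the output of any particular DHCP server, and the log is assumed to be in time order.

```python
from datetime import datetime

# Constructed sample lease log (format is an assumption, not a real server's):
# timestamp, event, IP, MAC
SAMPLE_LOG = """\
1998-06-29T08:00:00 ASSIGN 10.0.0.17 00:a0:c9:11:22:33
1998-06-29T12:00:00 RENEW 10.0.0.17 00:a0:c9:11:22:33
1998-06-29T16:00:00 EXPIRE 10.0.0.17 00:a0:c9:11:22:33
1998-06-29T16:05:00 ASSIGN 10.0.0.17 00:60:08:aa:bb:cc
1998-06-29T20:05:00 RELEASE 10.0.0.17 00:60:08:aa:bb:cc
1998-06-30T09:00:00 ASSIGN 10.0.0.17 00:a0:c9:11:22:33
"""

def build_intervals(log_text):
    """Return {ip: [(start, end_or_None, mac), ...]} in time order."""
    intervals = {}
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, event, ip, mac = line.split()
        when = datetime.fromisoformat(ts)
        spans = intervals.setdefault(ip, [])
        open_span = spans[-1] if spans and spans[-1][1] is None else None
        if event in ("ASSIGN", "RENEW"):
            if open_span and open_span[2] == mac:
                continue  # same holder, the lease simply continues
            if open_span:  # address reissued without a logged end
                spans[-1] = (open_span[0], when, open_span[2])
            spans.append((when, None, mac))
        elif event in ("EXPIRE", "RELEASE") and open_span and open_span[2] == mac:
            spans[-1] = (open_span[0], when, mac)
    return intervals

def holder_at(intervals, ip, when):
    """MAC that held `ip` at `when`, or None if the address was unleased."""
    for start, end, mac in intervals.get(ip, []):
        if start <= when and (end is None or when < end):
            return mac
    return None

def macs_seen(intervals, ip):
    """Distinct MACs that held `ip`, in first-seen order."""
    seen = []
    for _, _, mac in intervals.get(ip, []):
        if mac not in seen:
            seen.append(mac)
    return seen
```

With short leases on an oversubscribed pool, the same address resolves to different MACs depending on the timestamp, so the lookup is only as good as the clock agreement between the DHCP log and the log that recorded the misbehaviour.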


