Firewall Wizards mailing list archives
Re: Proxy 2.0 secure?
From: "Brian Steele" <steele_b () spiceisle com>
Date: Sat, 27 Jun 1998 11:00:03 -0400
Dynamic DHCP is _BAD_. I see no reason for anyone to use it.
And why is it bad? Almost everyone I've spoken with suggest dynamic IP allocation for the PCs on our LAN, and the use of WINS/DNS for name resolving (MS's implementation of DNS uses WINS to determine the names associated with each PC, so there's really no need for static addressing).
Use static DHCP and enforce it with switching hubs and tools like arpwatch. That will provide much more control and monitoring features.
A static addressing scheme will be a nightmare on our LAN, particularly as we're facing a potential IP renumbering exercise when our LAN is connected via TCP/IP to the other business units.
Will I be able to move to another PC and continue to enjoy my privileged access to the Internet without any reconfiguration on the part
of
the PC or the server, while another user is only allowed HTTP access to certain sites from my PC, based on his authentication level under NT,
again
all transparently?Are you _sure_ you _need_ that? Are you sure it is a good idea from the security viewpoint? I'd better not to allow such things.
I'm firmly on the side of the one username/ one password security scheme for an internal LAN - otherwise moronic users (and the level of "moronity" seems to rise the further you go up in management, which tend to have access to more confidential information than the rank and file) who are assigned multiple usernames/passwords would tend to write them down or otherwise take note of them to remember them - BIG security risk. Brian Steele
Current thread:
- Re: Proxy 2.0 secure?, (continued)
- Re: Proxy 2.0 secure? tqbf (Jun 26)
- Re: Proxy 2.0 secure? Vanja Hrustic (Jun 26)
- Re: Proxy 2.0 secure? Brian Steele (Jun 25)
- Re: Proxy 2.0 secure? tqbf (Jun 26)
- Re: Proxy 2.0 secure? Kjell Wooding (Jun 26)
- Re: Proxy 2.0 secure? ark (Jun 26)
- RE: Proxy 2.0 secure? Choi, Byoung (Jun 26)
- Re: Proxy 2.0 secure? Gillian Steele (Jun 26)
- Re: Proxy 2.0 secure? Ted Doty (Jun 29)
- Re: Proxy 2.0 secure? Brian Steele (Jun 26)
- Re: Proxy 2.0 secure? Brian Steele (Jun 28)
- Re: Proxy 2.0 secure? Rodney van den Oever (Jun 29)
- Re: Proxy 2.0 secure? Brian Steele (Jun 29)
- Re: Proxy 2.0 secure? ark (Jun 29)
- Re: Proxy 2.0 secure? John McDermott (Jun 29)
- Re: Proxy 2.0 secure? Brian Steele (Jun 29)
- Re: Proxy 2.0 secure? NetSurfer (Jun 30)
- Re: Proxy 2.0 secure? John McDermott (Jun 29)
- Re: Proxy 2.0 secure? Brian Steele (Jun 29)
- Re: Proxy 2.0 secure? ark (Jun 29)
- Re: Proxy 2.0 secure? ark (Jun 29)
(Thread continues...)