Firewall needed behind router?

Charles, we've discussed this before. The person who can't configure a network setup to shut down Kazaa shouldn't be allowed near computers.

Yes Charles, you are not a network admin, because you lack the skills and training to be one. You really don't know how firewalls work, because you've never been trusted near one. Some of us here are network admins and we know how to do our job. Also remember that the world is not like your two computer home network. Some of us have to put up with several thousand computers on the LAN, and may have to deal with over a hundred thousand systems company wide on more than five hundred subnets. Do you even know how that might be configured? Do you even know what a subnet is, and why it might be used?

Old guy.

Reply to
Moe Trin

X-No-Archive: Yes

Well, my setup can do it and do it well. Its just a matter of telling the firewall not to let the socks proxy use port 80, and ports 1000-5300. I am simply going on what I was taught in college. We were taught to do it all using software.

Well, actually, each computer would be in sets of 254 computers for each subnet. Routers, gateway programs, and the like can only support 254 computers each. If you have thousands of computers, you must have several routers or several NIC cards to do it.

Sure, there are class A, B, and C subnets. Class C, the most common, supports up to 254 machines (addresses 0 and 1 are reserved).

Reply to
Charles Newman

"Charles Newman" wrote in news: snipped-for-privacy@comcast.com:

Thanks for the info.

I am using a WatchGuard Firebox SOHO 6 firewall appliance that does everything I need it to do.

Duane :)

Reply to
Duane Arnold

by your astronomy instructor if I recall correctly. Any serious business doesn't use the toy firewalls, because the users can override them. Also the "personal" firewalls don't scale. I hope that was an overview class you took, because otherwise I'd recommend filing suit for fraud against the school.

0950 Internet Standard Subnetting Procedure. J.C. Mogul, J. Postel. Aug-01-1985. (Format: TXT=37985 bytes) (Updates RFC0792) (Also STD0005) (Status: STANDARD)

1122 Requirements for Internet Hosts - Communication Layers. R. Braden, Ed.. October 1989. (Format: TXT=295992 bytes) (Updated by RFC1349) (Also STD0003) (Status: STANDARD)

1219 On the assignment of subnet numbers. P.F. Tsuchiya. Apr-01-1991. (Format: TXT=30609 bytes) (Status: INFORMATIONAL)

1878 Variable Length Subnet Table For IPv4. T. Pummill, B. Manning. December 1995. (Format: TXT=19414 bytes) (Obsoletes RFC1860) (Status: INFORMATIONAL)

Pay particular attention to the last one. Any idea why we might be using a mask of 255.255.252.0 (/22 or FFFFFC00) which is 1022 hosts on one wire.

The normal use would be routers - we're using Ciscos with up to sixteen interfaces per. You could use a PC with multiple NICs, but they tend to run out of bandwidth pretty quick - even if you put multiple interface NICs like the DLink DFE-570TX or DFE-580TX (four NICs on a single PCI card) or the many different dual NICs. Again, you don't use toy setups for serious business.

Class A, B, C, D, and E went out of fashion in 1993. See

1519 Classless Inter-Domain Routing (CIDR): an Address Assignment and Aggregation Strategy. V. Fuller, T. Li, J. Yu, K. Varadhan. September 1993. (Format: TXT=59998 bytes) (Obsoletes RFC1338) (Status: PROPOSED STANDARD)

When a Regional Internet Registry like AFRINIC, APNIC, ARIN, LACNIC or RIPE (or a national registry within your country of registration, or even a major provider like BBN, AT&T, Level3, or MCI) assigns you a block of addresses, you can subnet it as you see fit, subject to the recommendations on RFC1219. Our primary block was assigned to us in 1986, and it was divided into /22s based on the expected number of computers in a department.

And if you read RFC1878, you'll discover you made another error about 'addresses 0 and 1 are reserved'.

Old guy

Reply to
Moe Trin

It works also in the body. Many people put it in the body so that follow-ups, that quote them, won't be archived either.

Reply to
Segovia

Hmmm, I cannot find X-No-Archive articles I posted in google.com but I could find yours, so I would guess it is not working.

Reply to
Bit Twister

X-No-Archive: Yes

It is something supported by Google Groups. Most newsreading software (for Windows anyway) won't let you edit the headers directly, so Google modified their system to recognize that anywhere in the message. When it sees that, it will delete the post 6 days after it is first received. When Google receives this message in the news stream, and sees the XNA in the body of the message, it will be flagged for deletion 6 days after it is first received.

Reply to
Charles Newman

The follow-ups will be archived, but the original message with XNA won't. The XNA in the body cannot be preceded by any other character.

Reply to
Charles Newman

Like I say, it cannot have any other character in front of it. Also, Google is the only news server in the world that recognizes XNA.

Reply to
Charles Newman

My firewall is NOT a "toy". The PFW sits on the gateway machine and everything behind it is firewalled. The only way to override the PFW would be to be able to gain access to the gateway machine itself. If any business using a software firewall on a gateway machine keeps that machine in a locked room accessible only to authorized personnel, then they should be ok.

It would seem you would need more than that to host that many machines on one NIC card, because 255.255.255.0 is what you use on both Microsoft ICS and AllegroSurf, for a 254 machine class C subnet. It would seem you would need a number lower than 252 to accomplish having 1022 hosts on one wire.

D and E? When I took a networking class in 1999, we were only taught about class A, B, and C. Never heard of D and E. We were taught everything you would ever want to know about Microsoft networking. Windows NT 4.0 also used ICS, which has been in every Windows version since Windows NT 4.0. It has been in NT4, ME, 2000, XP, and 2003, and will be available, as far as I know, for Longhorn. I do find, however, that my network is generally more secure if I use AllegroSurf, Wingate, or something other than Microsoft ICS. I don't see as many probes being detected on the gateway machines.

recommendations

Well, Microsoft and AllegroSurf both reserve 0 and 1 on the class C subnets that each company's software product creates. That leaves 254 machines available on class C subnets created by either software product.

Reply to
Charles Newman

The XNA is suppose to be in the header, not the body of the message.

Reply to
Leythos

I am going on what they taught me in networking class in college in 1999. We were taught everything you ever wanted to know about Microsoft Networking. That is because Microsoft dominated the computing world back then and still does today. Windows runs more than 95 percent of the world's computers.

Reply to
Charles Newman

Au contraire.

While it is true that the XNA situation arose back in Deja News days and Google picked up on the custom when it assumed the archives and evolved into their current 6 day policy, there are several different archive types of headerlines and standard practices for managing them.

Gmane's policies are a good example, where the 'yes' for XNA translates to 14 days.

Reply to
Mike Easter

ROTFLMFAO! *NO* Mr Newman, as with your fanboi appraisal of Evidence Eliminator, you couldn't be more wrong if you tried.

No Mr Newman you do not.

That information Mr Newman is over a decade out of date.

May I suggest getting your networking knowledge to the level such that you can read *and* understand what's in RFC1519 before embarrassing yourself further.

Greg

Reply to
Greg Hennessy

Clues available here:

formatting link

Reply to
Triffid

Charles, the P stands for 'personal', not the laughable 'professional' (have you ever seen _any_ people who make their living in a trade using a product labeled or advertised as "Professional"?).

255.255.255.0 (or its translated equivalent of /24 or FFFFFF00) is what you use on ANY operating system for a 254 or 255 host network (255 is possible because your "reserved" concept is wrong). However all operating systems can use other masks from 0.0.0.0 (/0 or 00000000) on down to 255.255.255.252 (/30 or FFFFFFFC) or (on point-to-point links like dialin) 255.255.255.255.

See those RFCs - 255.255.252.0 (/22 or FFFFFC00) is a lot more common than you can imagine.

"a networking class in 1999" - think about that. Oh, and how much experience do you have? If someone was still teaching Class (A-E) in 1999, the school is teaching obsolete information - five YEARS obsolete. What was the name of this school? I'm sure there are a number of people here who would want to know.

What's that? You plug in the computer, turn it on, and it works. Microsoft borged the Apple Rendezvous because setting up networking is so hard. And it's even somewhat secure because it's non-routable, just like the "NETBEUI" protocol they used in WfW and NT before they realized the world wasn't so stupid as to use a protocol that intentionally avoided security because it got in the way. Microsoft transitioned to TCP/IP in NT 3.51 only thirteen years after everyone else. I must admit with this Apple protocol microsoft is using that I've never seen a "Security Considerations" section in an RFC so large and containing so many dire warnings before, but people who use Microsoft networking aren't going to read it anyway.

And this is important exactly how?

And you're surprised by this?

They're just responding to the highly insecure services that are built in to windoze to make it "easy to use".

Uhuh. You really want to re-read those books and RFCs. Even microsoft wouldn't make that big of a mistake.

Old guy

Reply to
Moe Trin
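As an added example (not from any poster in this thread), here is a small mask calculator built on Python's standard `ipaddress` module. It shows what Moe Trin's two posts argue: a 255.255.252.0 (/22, FFFFFC00) mask gives 1022 usable hosts on one wire, and the two addresses a /24 removes are the network and broadcast addresses, not ".0 and .1". The sample networks are constructed for illustration; the /31 handling follows RFC 3021, which is not cited on the page.

```python
import ipaddress

def subnet_summary(cidr: str) -> dict:
    """Describe an IPv4 block given as 'addr/prefix' or 'addr/dotted-mask'.

    Host bits in the address are allowed (strict=False), so an address
    such as 10.1.5.77/255.255.252.0 resolves to its containing block.
    """
    net = ipaddress.ip_network(cidr, strict=False)
    mask_int = int(net.netmask)
    summary = {
        "network": str(net.network_address),
        "netmask": str(net.netmask),
        "prefix": net.prefixlen,
        "hex_mask": f"{mask_int:08X}",   # the FFFFFC00-style form used above
        "total": net.num_addresses,
    }
    if net.prefixlen >= 31:
        # /32 is a single host route; /31 is a point-to-point link (RFC 3021):
        # neither reserves a broadcast address, so every address is usable.
        summary["broadcast"] = None
        summary["usable"] = net.num_addresses
    else:
        # Classless rule: only the all-zeros (network) and all-ones
        # (broadcast) host addresses are unusable, whatever the prefix.
        summary["broadcast"] = str(net.broadcast_address)
        summary["usable"] = net.num_addresses - 2
    return summary

def is_usable_host(cidr: str, ip: str) -> bool:
    """True if ip can be assigned to a host inside the block cidr."""
    net = ipaddress.ip_network(cidr, strict=False)
    addr = ipaddress.ip_address(ip)
    if addr not in net:
        return False
    if net.prefixlen >= 31:
        return True
    return addr not in (net.network_address, net.broadcast_address)

if __name__ == "__main__":
    # Constructed sample blocks: the /22 from the thread and a plain /24.
    for block in ("10.1.5.77/255.255.252.0", "192.168.1.0/24", "10.9.0.0/30"):
        print(block, "->", subnet_summary(block))
    # In a /24, .1 is an ordinary host address; .0 and .255 are the reserved pair.
    for ip in ("192.168.1.0", "192.168.1.1", "192.168.1.255"):
        print(ip, "usable in 192.168.1.0/24:", is_usable_host("192.168.1.0/24", ip))
```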

No you were not. There is no reputable networking course I know of which would have *not* taught VLSM/CIDR in 1999, it was old hat by then.

Irrelevant, one does not escape from needing to know about VLSM & CIDR just because the IP stack is written in Redmond.

An idiotic non sequitur which has absolute SFA to do with your lamentable grasp of networking fundamentals.

Reply to
Greg Hennessy

They do have their own built-in router, ICS, though I do find third party software to be much more secure and not as vulnerable to attack as the Microsoft ICS program.

Reply to
Charles Newman

X-No-Archive: Yes

Well, like I say, I have switched to using third-party software, such as AllegroSurf. I find that it is not as vulnerable to attack as Microsoft ICS. If you do use a Microsoft Windows server, do use a third-party program, such as AllegroSurf, and you will find your system not as vulnerable. While I still get the rare malware infection, my network is much more secure with ProxyPro, AllegroSurf, or Wingate, than it is using native Microsoft Internet Connection Sharing (ICS). Most worms take advantage of flaws in ICS, which do not exist in third-party products.

Reply to
Charles Newman

I really do want to know the name of this college. It sounds more like a MCSP class taught at Office Depot than anything a reputable school would teach.

of which most are running at home (and badly infected), very few are servers because of massive security problems built into the O/S, fewer still are Internet facing, and only a few do more than perfunctory IP networking. By the way, your 95 percent figure is advertising copy unrelated to facts. You could find more accurate figures if you used your search engine instead of parroting half remembered course material.

Microsoft got into TCP/IP thirteen YEARS behind the crowd. With the rest of the world thirteen years ahead of them, they _could_ have learned from the vast experience - but no - Microsoft follows standards (including their own) like an elephant follows migrating whales - it really can happen by chance, but the chances are very poor, and Microsoft usually goes out of its way to avoid this if at all possible. The result is a pirated network stack based on Berkeley code, but otherwise butchered.

Old guy

Reply to
Moe Trin
