OK Guys I need help. I have a very small network (lets say x.y.z.0 - x.y.z.255). Now I do not have any control over the router. But I am in control of the switch that splits the network from one single physical line (wire). I have a bridge fire wall between the line and the switch that filters out the intrusion. The way I distribute the IP addresses is through a dhcp server (its a dynamically static IP), meaning some of the machines I put as static and the other machines that I trust and control (limited access) are set thru the dhcp with MAC address.
Not as you guys know we can set a subnet in the dncp.conf
Code:
# ip addresses available for everybody
subnet x.y.z.0 netmask 255.255.255.0 {
range x.y.z.200 x.y.z.220;
}
for IP addresses I have available and that I can give out to people who visit and hook up their computer to browse and do stuff, which we need. But recently someone has been trying to download some illegal stuff (p2p) via that open IP range. Now the way I limit my security outbreak is to trust my users and limit their activity. But how can I control the activity on that IP range? BTW - I do not have any VPN setup so no authentication process, I dont know how feasible it would be to setup one for such a small network! I do all my stuff via ssh.
My thoughts:
1. I can stop service for that range, meaning no range to get IP from but if by any chance the person knows the domain s/he can statically set one ?!?
Please help. This is not how I would set things up if I had full control oner the network but unfortunately this how it is. But I also need to secure this network too. So, I am asking for help
I am using shell script to do secure ftp. I have done key file setup to do password less authentication. Following are the FTP Details:
FTP Client has Sun SSH.
FTP Server has F-Secure.
I am using SCP Command to do secure copy files. When I am doing this, I am getting the foll error
scp:... (2 Replies)
I am developing a Network Appliation to monitor computers in a network.
Specs are
App monitors the current web page viewed in each system
App also can shutdown the computer in the network
App can show all process run by each computer in the network
I am now confused how to start my... (2 Replies)
hello i have a ubuntu ssh server that i can acess from any of my comnputers but only if they are on the same wireless network as the server. i tested trhis my tehtehring my samsung blackjack to my windows partition and installing openssh to windows it works when windows is on the wireless but no... (1 Reply)
i need to configure a zone to use different interface (bge2) than global and have connected to completely different network switch & to use its own defaultrouter and hosts file .. is it possible ..if so ..how ?
Thanks (9 Replies)
Hi,
I'm a italian student. For my thesis I develop a gateway with protocol 6lowpan.
For that I must access to network interface to develope my personal stack based on standard 802.15.4.
Can you help me? I need an explanation for that. (0 Replies)
I've one Netra 240
After changing main board and system configuration card reader, Network is not accessible any more, Network interfaces are always UP and Running even when there is no cable connected to Network interfaces.
I tried to restart and plumb/unplumb with no luck.
ifconfig -a... (7 Replies)
Hi,
I have 2 machines in production environment:
1. redhat machine for application
2. DB machine (oracle)
The application doing a lot of small read&writes from and to the DB machine.
The problem is that after some few hours the network from the application to the DB becomes very slow and... (4 Replies)
My son does homework on a school laptop. I was thinking about setting up a gateway on my home network, so that I can monitor web traffic and know if he is doing his homework without standing over his shoulder. Ideally I would like to use the Raspberry Pi Model b that I already have. However, I... (15 Replies)
Discussion started by: gandolf989
15 Replies
LEARN ABOUT XFREE86
netmasks
netmasks(4) File Formats netmasks(4)NAME
netmasks - network mask database
SYNOPSIS
/etc/inet/netmasks
/etc/netmasks
DESCRIPTION
The netmasks file contains network masks used to implement IP subnetting. It supports both standard subnetting as specified in RFC-950 and
variable length subnetting as specified in RFC-1519. When using standard subnetting there should be a single line for each network that is
subnetted in this file with the network number, any number of SPACE or TAB characters, and the network mask to use on that network. Network
numbers and masks may be specified in the conventional IP `.' (dot) notation (like IP host addresses, but with zeroes for the host part).
For example,
128.32.0.0 255.255.255.0
can be used to specify that the Class B network 128.32.0.0 should have eight bits of subnet field and eight bits of host field, in addition
to the standard sixteen bits in the network field.
When using variable length subnetting, the format is identical. However, there should be a line for each subnet with the first field being
the subnet and the second field being the netmask that applies to that subnet. The users of the database, such as ifconfig(1M), perform a
lookup to find the longest possible matching mask. It is possible to combine the RFC-950 and RFC-1519 form of subnet masks in the net-
masks file. For example,
128.32.0.0 255.255.255.0
128.32.27.0 255.255.255.240
128.32.27.16 255.255.255.240
128.32.27.32 255.255.255.240
128.32.27.48 255.255.255.240
128.32.27.64 255.255.255.240
128.32.27.80 255.255.255.240
128.32.27.96 255.255.255.240
128.32.27.112 255.255.255.240
128.32.27.128 255.255.255.240
128.32.27.144 255.255.255.240
128.32.27.160 255.255.255.240
128.32.27.176 255.255.255.240
128.32.27.192 255.255.255.240
128.32.27.208 255.255.255.240
128.32.27.224 255.255.255.240
128.32.27.240 255.255.255.240
128.32.64.0 255.255.255.192
can be used to specify different netmasks in different parts of the 128.32.0.0 Class B network number. Addresses 128.32.27.0 through
128.32.27.255 have a subnet mask with 28 bits in the combined network and subnet fields (often referred to as the subnet field) and 4 bits
in the host field. Furthermore, addresses 128.32.64.0 through 128.32.64.63 have a 26 bits in the subnet field. Finally, all other
addresses in the range 128.32.0.0 through 128.32.255.255 have a 24 bit subnet field.
Invalid entries are ignored.
SEE ALSO ifconfig(1M), inet(7P)
Postel, Jon, and Mogul, Jeff, Internet Standard Subnetting Procedure, RFC 950, Network Information Center, SRI International, Menlo Park,
Calif., August 1985.
V. Fuller, T. Li, J. Yu, K. Varadhan, Classless Inter-Domain Routing (CIDR): an Address Assignment and Aggregation Strategy, RFC 1519,
Network Information Center, SRI International, Menlo Park, Calif., September 1993.
T. Pummill, B. Manning, Variable Length Subnet Table For IPv4, RFC 1878, Network Information Center, SRI International, Menlo Park, Calif.,
December 1995.
NOTES
/etc/inet/netmasks is the official SVr4 name of the netmasks file. The symbolic link /etc/netmasks exists for BSD compatibility.
SunOS 5.10 7 Jan 1997 netmasks(4)
01-21-2009
