[MLB-WIRELESS] Private network? I think not...

Adrian Close adrian at close.wattle.id.au
Wed Oct 31 12:28:36 EST 2001


On Tue, 30 Oct 2001, dwayne wrote:

> > The more I think about this (and I've been doing so for some years now)
> > the more I am convinced that there is no such thing as a "private
> > network".  If you connect it to the Internet, it becomes part of the
> > Internet.
>
> no way, we can firewall packets internally so they don't get out on the
> net, and restrict what comes in and goes where.

A firewall is a tool for enforcing policy on traffic passing between
networks.  If one side is connected to the Internet at large, then so is
everything else connected to the firewall.

If a network the firewall is connected to is indirectly connected to the
Internet, then so is the firewall.

Even if it starts out unconnected to the Internet, it will almost
certainly end up being connected at some point, so build your network with
that in mind.

> Connecting it to the internet is entirely seperate from getting it up
> and running locally.

To a certain degree.  Again, I am simply suggesting that you build
whatever you're building with the assumption that it will be
Internet-connected at some point.

By all means, use RFC1918 addresses on a test link, but plan to renumber.

Adrian Close			email:	adrian at close.wattle.id.au
1 Old Gippsland Rd.		web:	http://www.close.wattle.id.au/~adrian
Lilydale, VIC, 3140, Australia	mobile:	+61 412 385 201

Echelon teaser: MD5 RX-7 SSL Kiwi TRD DEADBEEF Bubba


--
To unsubscribe, send mail to minordomo at melbwireless.dyndns.org with a subject of 'unsubscribe melbwireless'  
Archive of the Entire mailinst list at:
http://melbwireless.dyndns.org/cgi-bin/minorweb.pl?A=LIST&L=melbwireless



More information about the Melbwireless mailing list