Re: [netatalk-admins] multiple interfaces

Subject: Re: [netatalk-admins] multiple interfaces
From: Devin Reade (gdr@eddore.gno.org)
Date: Wed Jun 09 1999 - 12:08:33 EDT

• Next message: Patrik Schindler: "Re: [netatalk-admins] multiple interfaces"
• Previous message: Rob Cascella: "Re: [netatalk-admins] partition size limit?"
• In reply to: tkaczma@gryf.net: "Re: [netatalk-admins] multiple interfaces"
• Next in thread: tkaczma@gryf.net: "Re: [netatalk-admins] multiple interfaces"
• Reply: Devin Reade: "Re: [netatalk-admins] multiple interfaces"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

tkaczma@gryf.net wrote:

> A better solution would be to make sure that your firewall blocks
> appletalk over IP and call it a day.

I'll second this.

> Another solution, which I think is
> better would be to keep appletalk off the "unsecure" segment altogether
> and equip any mac necessitating a direct connection to the I-net with a
> second ethernet interface to talk to the internal network.

Unfortunately, that kind of defeats the purpose of the firewall,
having one or more machines (other than the firewall) connected
to both networks. And if someone happens to configure one of
those macs to act as a router, then your problems are just beginning
(and not just because of potential crackers).

Devin

-- 
A competent and self-confident person is incapable of jealousy in anything.
Jealousy is invariably a symptom of neurotic insecurity.
							- Robert Heinlein

• Next message: Patrik Schindler: "Re: [netatalk-admins] multiple interfaces"
• Previous message: Rob Cascella: "Re: [netatalk-admins] partition size limit?"
• In reply to: tkaczma@gryf.net: "Re: [netatalk-admins] multiple interfaces"
• Next in thread: tkaczma@gryf.net: "Re: [netatalk-admins] multiple interfaces"
• Reply: Devin Reade: "Re: [netatalk-admins] multiple interfaces"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b28 : Sat Dec 18 1999 - 16:16:48 EST