how-to block ads
|
|
Uniqs:
108 |
Share Topic
 |
 |
|
|
 Wills
join:2001-01-03
Port Charlotte, FL | Fine lines. DHCP is the biggest contributor to an attitude like this. If you could know at a glance, what user is causing havoc on your network, you cut him off. You tell him his service will continue once his computer is clean, he stops his spam, or whatever it is he's doing.
But you can't do this quickly and efficiently with DHCP in place. You have to scrounge the logs to find out who had what IP at what time and by the time you're done searching your logs the damage is done.
It was said that the CodeRed virus spread so fast, that if every computer in the world was turned on they would all be infected in under 15 minutes. That's impressive. And even with a good script, you aren't going to search your logs, identify a user and shut him down in that time.
Cable companies are the biggest to blame. Just the topology of cable internet is a haven to spread virii. They supply the modem. There is no reason they can't get it's MAC, set you up static, and monitor their network properly. Yes, it's time consuming (but it can all be automated).
So is cleaning up a virus.
--
Abit VP-6 twin 800EB's @ 1002 Mhz.Proud member of the XDC. | |
wentlancYou Can't Fix Dumb..
join:2003-07-30
Maineville, OH | You can implement DDNS along with your DHCP and know exactly who has which IP address.
Not to mention that MAC addresses that point to the internet rarely change.
puritan | |
 cowboySo Much For SubtletyPremium
join:2000-03-14
Morgan Hill, CA | said by wentlanc:
Not to mention that MAC addresses that point to the internet rarely change.
For the honest (or newbie) true, but they can also be trivially overriden and changed at whim
--
Richard Nelson | |
 NevsterPremium
join:2002-04-06
Dalhousie, NB | reply to Wills
said by Wills:
DHCP is the biggest contributor to an attitude like this.
But you can't do this quickly and efficiently with DHCP in place.
Cable companies are the biggest to blame. Just the topology of cable internet is a haven to spread virii. They supply the modem. There is no reason they can't get it's MAC, set you up static, and monitor their network properly. Yes, it's time consuming (but it can all be automated).
So is cleaning up a virus.
DHCP is used to provide computers with an IP address, a netmask, a default gateway, a nameserver, and other necessary information. It does not contribute to spam, world hunger, virus activity, porn, or your unhappiness.
If there is a network activity going on right now that I need to abort in a hurry, here's what I and many others do:
1. find the source and destination IP address of the harmful traffic
show ip cache flow | include --harmful traffic search string--
2. find the source or destination MAC address of the harmful traffic.
show ip arp --participating IP address--
3. find the cable modem involved
show cable modem --participating MAC address--
4. Filter or shut off cable modem involved.
do complicated web-interface stuff
-----
If I automate this process, I will peg innocent people. Therefore, I use my judgement before shutting or filtering someone.
=====
Cable modem topology is just like ethernet topology (close enough for this dicussion). I think ethernet came quite some time before DOCSIS. Hey, lets keep going with this: The Internet is Not Perfect in whole or in part!
====
If your computer gets a virus, that's your problem. If his computer gets a virus, that's his problem. If any computer gets a virus, and it causes me problems, then I have a problem, and I will solve my problem with the resources I have control over, and you might not like the solution, if one of those resources happens to be your cable modem service. I wouldn't be angry with YOU, or even your choice of virus protection software or operating system. It's really just me taking care of my problems the best way I know how. I hope you would understand.
====
| |
|
