I can't get my coworkers to understand the basics of a routing table, Windows or Linux. How do you go about explaining this to noobz?
...
Halp!
| Destination Network/Host | Network Mask | Gateway | Explanation |
|---|---|---|---|
| 10.1.1.25 | 255.255.255.255 | 10.1.1.1 | Host-specific rule - note the mask, denotes only that IP. |
| 10.1.1.0 | 255.255.255.0 | 10.1.1.1 | Network-specific rule - note the mask, denotes the whole 10.1.1.0 network. |
| 192.168.1.0 | 255.255.252.0 | 192.168.1.1 | Route to the DMZ - a network spanning 192.168.1.1 - 192.168.2.255. |
| 192.168.10.0 | 255.255.252.0 | 192.168.10.1 | Route to Wireless Network - same size as above. |
| 172.16.0.0 | 255.255.0.0 | 172.16.0.1 | Route to the VPN network - 172.16.0.0-172.16.255.255 (very large). |
| 10.0.0.0 | 255.0.0.0 | 10.0.0.1 | Route to the rest of the company's network - 10.0.0.0-10.255.255.255 (extremely large private network). |
| 0.0.0.0 | 0.0.0.0 | 24.15.240.1 | Route to the rest of the internet, usually your ISP's gateway. |
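
How a host picks one row from the table above, as an added example that is not part of the original post: the lookup is a longest-prefix match, sketched here with Python's standard `ipaddress` module. The function names are hypothetical and the routes are copied from the table.

```python
import ipaddress

# Routes copied from the table above: (destination, mask, gateway).
ROUTES = [
    ("10.1.1.25", "255.255.255.255", "10.1.1.1"),
    ("10.1.1.0", "255.255.255.0", "10.1.1.1"),
    ("192.168.1.0", "255.255.252.0", "192.168.1.1"),
    ("192.168.10.0", "255.255.252.0", "192.168.10.1"),
    ("172.16.0.0", "255.255.0.0", "172.16.0.1"),
    ("10.0.0.0", "255.0.0.0", "10.0.0.1"),
    ("0.0.0.0", "0.0.0.0", "24.15.240.1"),
]


def build_table(routes):
    """Turn (destination, mask, gateway) rows into (network, gateway) pairs."""
    table = []
    for dest, mask, gateway in routes:
        # strict=False applies the mask to the destination the way a router
        # does: 192.168.1.0 with 255.255.252.0 is stored as 192.168.0.0/22.
        network = ipaddress.ip_network(f"{dest}/{mask}", strict=False)
        table.append((network, gateway))
    # Most specific route (longest prefix) first, default route (/0) last.
    table.sort(key=lambda row: row[0].prefixlen, reverse=True)
    return table


def lookup(table, ip):
    """Return (matched network, gateway) for the most specific matching route."""
    addr = ipaddress.ip_address(ip)
    for network, gateway in table:
        if addr in network:
            return str(network), gateway
    return None  # only reachable when the table has no default route


TABLE = build_table(ROUTES)

if __name__ == "__main__":
    # Constructed sample destinations, one per kind of rule in the table.
    for ip in ("10.1.1.25", "10.1.1.77", "10.200.3.4", "192.168.3.9", "8.8.8.8"):
        print(ip, "->", lookup(TABLE, ip))
```

Every address matches the 0.0.0.0/0 row, so it only wins when nothing more specific does; that ordering is why the host rule, the /24 and the /8 can all coexist for 10.x addresses.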
Here's a question at the other end of the networking spectrum:
For a home user, is there any compelling security reason to be running a dedicated firewall instead of one of those all-in-one router/switch/wifiAP devices?
This is assuming that the all-in-one doesn't have insecure 'cloud' or remote access functions enabled, and is running firmware not straight from the manufacturer (dd-wrt/tomato/merlin, etc).
Second question: What's your opinion of Cisco vs Juniper router performance at the medium/large enterprise level?
Huh, I should have put this thread on my notify list, sorry about missing your reply weeks ago!
I'll have to re-read your post as it's some silly hour in the morning here, but I did at least finally get around to setting up pfSense yesterday :)
If you really want to get into security, I'd suggest running a dedicated Linux firewall in front of your router (pfSense or iptables). As long as there are two Ethernet ports, you are good to go. Could be a fun project for a tiny x86 computer, even an old one. You'll learn Linux, how to run httpd, mysql, and all sorts of fun stuff. Steep learning curve for the less-technical experienced.
So here's a tough problem that seems to be more commonplace now--bypassing country-specific IP address restrictions.
My wife's parents are in India, but when visiting there, my wife can't watch her shows because Netflix and Hulu are blocked based on the local IP. I have several IPsec site-to-sites in the US that I tunnel in from there for work, and I know I can always use that as a way around.
So what I'm trying to design is a dirt cheap, super simple way of getting the parents' television (which isn't smart) to tunnel into my network (different vlan and all that) and then get its stream from the US. The reason I want to do this vs a VPN provider is to save cost. Only a one-time investment for the solution this way as opposed to monthly/yearly fees otherwise.
Will love to hear your thoughts!