On Sat, 26 Feb 2000, Theodore Y. Ts'o wrote:
>Given my past experience with certain broken HP Printer drivers (for
>Windows) that would SNMP sweep an entire class A network at high speed,
>I'm less convinced that this kind of scanning is *ever* appropriate.
Well, having worked for an ISP and currently working for Make Systems
(we make network modeling software), there is a place for this, BUT IT
SHOULD NEVER BE DONE WITHOUT EXPLICIT OPERATOR ACTION. Translation: If
I didn't run a specifically designed network discovery tool, then this
should not happen. A fucking printer driver shouldn't even know what
>Especially since given the use of CIDR, there's absolutely no guarantee
>that a class C subnet is going to be local. More often than not, people
>routinely get fractions of a class C these days, and the rest will go
>out over a potentially slow link.
And likewise, the DNS server the application is looking for may not be on
the same network.
>... Also, a company that has this kind of firewall is
>also likely to have a DHCP or BOOT infrastructure, which is something
>else that *really* should be tried first. In fact, the order that
>should be used is probably:
> * DHCP/BOOT
> * IN-ADDR lookup of NS records
> * DNS capetbombing of local subnet with ttl set to 1
Didn't it already use DHCP to get an IP address? How many DHCP servers don't
send back DNS server data as well? At any rate, people should stop trying
to make their installers such smart-asses. Ask the damned operator before
you "drop back and punt." Odds are, the person installing things knows the
DNS server addresses. And if they don't, the installer can give them the
_option_ of sending megabytes of junk to hundreds of machines in the off-
chance they'll handle DNS for you.
If you ever have to scan a range of addresses, it's probablly in your best
interest to ask the monkey with the keyboard for some input/guidance.
PS: I'm all to well aware of the ever dwindling average intellegence on linux
users, but I still advocate asking a stupid user before doing something
PPS: Even windows will ask for DNS settings in the absence of DHCP. No DNS
in the DHCP data == NO DNS unless you specify the settings.
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to email@example.com
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Tue Feb 29 2000 - 21:00:15 EST