Network Config (was Re: [NBLUG/talk] Changed Network)
sms at sonic.net
sms at sonic.net
Fri Apr 30 15:52:37 PDT 2004
> > At that point, my biggest concern is maintenance/monitoring; it's a
> > pain if your logs/reports/etc (from 3 routers) are collected on
> > separate boxes, and/or if you have configs and change-control on
> > separate boxes.
>
> Ummm. *simple* inxpensive routers don't have logs. Well the one router
> can be set to log, but this seems to be only usefull while your
> watching it and it doesn't seem to log packets, but rather connections.
> You can set it to debug mode and watch it test it's connections. That's
> what you loose with the price trade off of less than cisco equipment.
<blink>
*NO* way to log/monitor transactions? Attempts to hit various ports?
If someone portscanned you, or got to your internal boxes, you wouldn't
know? Can't you even get some of this with... say, a MIB or somesuch
snmp agent?
Ummm. You DO realize the formula here, right?
lotsa bandwidth + little security = big target for cracker/hacker types
And without being able to see what's happening on your network, you're
missing a key component of security. Unless you've got a snoop'ing NIC
on those net's in passive/promiscuous mode.
If you're paying for DSL + Broadlink every month, it seems like a *bit*
more capability in the routers wouldn't be entirely amiss... your call,
o' course.
- Steve S.
More information about the talk
mailing list