LISTSERV - HP3000-L Archives

HP3000-L Archives

August 2000, Week 2

HP3000-L@RAVEN.UTC.EDU

	LISTSERV Archives
	HP3000-L Home
	HP3000-L August 2000, Week 2

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: OT: Firewalls and Such
From:	Jim Phillips <[log in to unmask]>
Reply To:	Jim Phillips <[log in to unmask]>
Date:	Wed, 9 Aug 2000 16:18:07 -0400
Content-Type:	text/plain
Parts/Attachments:	text/plain (64 lines)

Wirt Atmar <[log in to unmask]> writes:

> I just wrote:
>
> > Internally, you presume your users are to be trusted. Externally, your
> >  private address space IP addresses that constitute your LAN are
invisible
> to
> >  the rest of the world (indeed, they're not even unique to you;
thousands of
> >  sites can be using exactly the same addresses).
> >
> >  If you let someone through your router because he has the passwords,
then
> >  you've made him a trusted member of your family of users. Otherwise, he
> > could never see your printers.

Precisely my idea as well.  MCI manages our network (WAN) for us from
router-to-router.  As such they are "trusted".

> Let me write an addition to what I just wrote.
>
> You may actually have two IP addresses for some or all of your printers,
your
> private address space IP addresses (10.x.x.x) *and* some real-world IP
> address, assigned by virtue of the fact that you have entered these
private
> IP addresses into a NAT (network address translation) table in your
router.
>
> In that case, the rest of the world can see your printers. There's nothing
> wrong with that, if you need to do it. In fact, I've been thinking about
> putting one or two of our printers on-line. However, just to keep down the
> hooliganism of the intellectually bored, you should (must) assign
> administrator passwords to all of the printers that you've opened up to
the
> world. The newest printers have an HTTP server built into them, so that
you
> can perform all system management tasks using a web browser. The older
> printers have to be addressed using telnet.
>
> To find out if your printer does support HTTP, simply type on your
browser:
>
>            http://192.168.1.100
>
> (or whatever the address of your printer is). If it doesn't support HTTP,
it
> will tell you. If it doesn't, telnet into the printer using your favorite
> terminal emulator. Virtually all network capable printers support telnet
> administration.

No http, but they do support telnet.  But, how do I know if an NAT is setup
in the router or not?  We don't do the router stuff, MCI handles that for
us.  FWIW, if I telnet into the router it asks for a password, which I do
not have.


Jim Phillips                            Manager of Information Systems
E-Mail: [log in to unmask]     Therm-O-Link, Inc.
Phone: (330) 527-2124                   P. O. Box 285
  Fax: (330) 527-2123                   10513 Freedom Street
  Web: http://www.tolwire.com  Garrettsville, Ohio  44231

ATOM RSS1 RSS2

RAVEN.UTC.EDU