From owner-freebsd-net@FreeBSD.ORG Thu Feb 17 02:53:29 2005 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id ED1BA16A4CE for ; Thu, 17 Feb 2005 02:53:29 +0000 (GMT) Received: from mail2out.barnet.com.au (mail2out.barnet.com.au [202.83.176.14]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1EF9543D41 for ; Thu, 17 Feb 2005 02:53:29 +0000 (GMT) (envelope-from edwin@mavetju.org) Received: by mail2out.barnet.com.au (Postfix, from userid 27) id 966DD70745B; Thu, 17 Feb 2005 13:53:27 +1100 (EST) X-Viruscan-Id: <421407270001226ED720F0@BarNet> Received: from mail2-auth.barnet.com.au (mail2.barnet.com.au [202.83.176.13]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) Authority" (verified OK)) by mail2.barnet.com.au (Postfix) with ESMTP id 4BFC370745A; Thu, 17 Feb 2005 13:53:27 +1100 (EST) Received: from k7.mavetju (edwin-3.int.barnet.com.au [10.10.12.2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) Certificate Authority" (verified OK)) by mail2-auth.barnet.com.au (Postfix) with ESMTP id BD02D70744E; Thu, 17 Feb 2005 13:53:26 +1100 (EST) Received: by k7.mavetju (Postfix, from userid 1001) id D646161CB; Thu, 17 Feb 2005 13:53:25 +1100 (EST) Date: Thu, 17 Feb 2005 13:53:25 +1100 From: Edwin Groothuis To: Andrew Heyn Message-ID: <20050217025325.GB1035@k7.mavetju> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.6i cc: freebsd-net@freebsd.org Subject: Re: paranoia X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Feb 2005 02:53:30 -0000 On Wed, Feb 16, 2005 at 09:35:50PM -0800, Andrew Heyn wrote: > I always see people replace their IPs with fake replacements. > Is this paranoia really warranted? Why not disconnect the cat5 if you want > to do this? If they're smart and know what they are doing, it will make things easier to read: Machine A and Machine B are easier to recognize than 192.218.32.34 and 129.218.34.32. If they are not smart or misinformed, it will things impossible to understand what is going on: x.y.z.35 and x.y.z.24 is totally the wrong anonymousation[sp] of 1.2.3.35 and 5.6.7.24. It will also give the wrong assumptions when you think it are both public addresses while one is, or both are, private RFC addresses. And than the third group who complain that their DNS server isn't properly working and then give ns1.exmaple.org and test.example.org because they want to anonymize it :-) If they want to be paranoid, let them be. It will only make debugging harder because they don't give the raw data. Edwin -- Edwin Groothuis | Personal website: http://www.mavetju.org edwin@mavetju.org | Weblog: http://weblog.barnet.com.au/edwin/