From owner-freebsd-questions Sat Nov 17 1:27:22 2001 Delivered-To: freebsd-questions@freebsd.org Received: from mail.freebsd-corp-net-guide.com (mail.freebsd-corp-net-guide.com [206.29.169.15]) by hub.freebsd.org (Postfix) with ESMTP id AFC9C37B416 for ; Sat, 17 Nov 2001 01:27:19 -0800 (PST) Received: from tedm.placo.com (nat-rtr.freebsd-corp-net-guide.com [206.29.168.154]) by mail.freebsd-corp-net-guide.com (8.11.1/8.11.1) with SMTP id fAH9RER09077; Sat, 17 Nov 2001 01:27:14 -0800 (PST) (envelope-from tedm@toybox.placo.com) From: "Ted Mittelstaedt" To: "Anthony Atkielski" , "Andrew C. Hornback" , "FreeBSD Questions" Subject: RE: DSL PPPoE with 2 NICs Date: Sat, 17 Nov 2001 01:26:59 -0800 Message-ID: <001001c16f4a$021b6f60$1401a8c0@tedm.placo.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0 In-Reply-To: <022a01c16f46$0a5f5be0$0a00000a@atkielski.com> X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3155.0 Importance: Normal Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG >-----Original Message----- >From: Anthony Atkielski [mailto:anthony@atkielski.com] >Sent: Saturday, November 17, 2001 12:58 AM >To: Ted Mittelstaedt; Andrew C. Hornback; FreeBSD Questions >Subject: Re: DSL PPPoE with 2 NICs > >> And, how many simultaneous VPN links can it run >> reliably? > >Just one, as far as I can tell. But that's all that the ADSL line >will accept >(the modem can open multiple VPN connections, but the DSLAM at the >other end, or >the BAS or something, won't accept more than one). > VPN connections are layer 3 and have nothing to do with the DSLAM. We have many ADSL customers that use NT servers on their ADSL lines and regularly support many VPN clients logged in simultaneously. (of course many of those folks also got nailed by Code Red but that's another story) >> Correct - but as I said, not everyone is lucky >> enough to be network admin at a company that >> has mature adults as employes. > >I've long been convinced that admins that feel compelled to spy have some >serious maturity problems of their own. > It depends on the environment. We have one customer that manages a paper mill network, the mill runs 24x7 as most manufacturing operations do. They have caught the security guards burning up hours of time at 2 am viewing porno because they proxy all http. Believe me the admin would have not said anything if it was just a few sites for a few minutes or so. > >A BSD box used as a router may be too busy to do much else. I can show you plenty of vmstat outputs from a variety of BSD boxes running as routers that show that this isn't the case. >A lack of local storage makes a system much harder to crack. > No. It makes the system harder to destroy or use to mount attacks on others once it's cracked, but the presense of absense of local storage doesen't affect the number of holes into the router. Ted Mittelstaedt tedm@toybox.placo.com Author of: The FreeBSD Corporate Networker's Guide Book website: http://www.freebsd-corp-net-guide.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message