name resolution

Gene Heskett gheskett at shentel.net
Sun Nov 26 17:41:23 UTC 2017


On Sunday 26 November 2017 11:00:34 Ralf Mardorf wrote:

> On Sun, 26 Nov 2017 10:02:20 -0500, Tom H wrote:
> >There was a fedora-devel@ thread two or three years ago about dnssec
> >where Lennart pointed out that Fritzbox is the most widely-used home
> >routers and that the admin page is reached by going to "fritz.box".
> >".box" must be registered by now (I'd guess by "box.com" or
> >"dropbox.com" but I don't care enough to check) so Fritzbox'll have
> > to change something in its setup.
>
> If I want to access my router, I'm using the IP 192.168.1.1, which
> seemingly is the valid default for routers of most, if not all
> providers [1]. I could use names as well, yes, names, since my
> original provider was taken over by one provider after the other and
> the router accepts different names.
>
> [1] http://19216811.wiki/

Not looking at the above, I will state that IMO, its important from a 
security standpoint, to move your home networks off the default 
192.168.0.1 or 1.1, just to make the black hats work a little harder to 
find you if they should manage to get thru the routers internet faceing 
protections. One of the reasons I'm a firm believer in buying only a 
router that can be reflashed with dd-wrt, which allows turning that off 
completely. Gets rid of any NSA back doors, which the popular routers 
all have.

If and when I publish some of my configurations, you'll note the 3rd 
triplet address has been redacted. If I have to bring in something that 
allows management such as a managed switch, into my system, I do have an 
alias that allows access to a 1.1 device long enough to program that 
switch to work on the subnet address I use here. I think the only 
problem that may have created is in addressing a brother inkjet based 
printer/mfc machine on that net, the first 6 requests to initiate a 
printout are rejected by the printer because of a bad tcp checksum. But 
the 7nth request has a good checksum and it just works once it figures 
out its not on a 1.1 network. So theres always a 7 second delay in 
waking up that printer. Considering the overall speed of that printer, 
the 7 second delay gets lost in the overall actual speed attained, 
limited I assume by its ethernet speeds. I've never tried usb because 
this machine is only usb-2, and the usb input is nearly 3 feet of a 
plastic channel for the cable away from its back panel entrance, leaves 
only about 2 feet of a 5 foot usb cable to reach a hub, and while my usb 
tree looks about like a weeping willow, I don't have a hub that close.

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page <http://geneslinuxbox.net:6309/gene>




More information about the ubuntu-users mailing list