[Discuss] selecting a subnet

[bill at horne.net (Bill Horne)]

On Monday, September 15, 2014 09:28:30 AM Jerry Feldman wrote:
> I am with Derek in this case, but remember that 192.168.n.n, 10.n.n.n
> and 172.16 - 172.31 are non-routable meaning that your router SHOULD
> never expose these addresses beyond the subnet. So, in the case where
> you have to set something up at the last minute, the 192.168 addresses
> are not going to conflict. I would also make sure that the wifi is set
> up with a pass code so that people outside the group can't use it
> although in this case the risk is minimal. especially if you disconnect
> the router after the boy scout meeting.

Although the Internet won't relay detached network addresses, that's not 
necessarily the case inside a corporate network. Moreover, the average 
corporate network is awash in "accidental" routers, including portable 
cellular terminals, laptops with network sharing enabled, and the ubiquitous 
"consumer grade" routers that are /always/ going to be plugged in at any 
company picnic or other event when IT isn't involved in advance.

I agree that passwords are an important security feature, but I've never seen 
them enabled on any router set up by the well-meaning civilians at company 
events. They aren't thinking about security; they concentrating on not burning 
the hot dogs. 

We could each write a book about the ways that "self install" technologies 
affect computer network security. It's just not something that anyone in a 
position of authority will ever read. 

FWIW. 

Bill


-- 
Bill Horne
William Warren Consulting
339-364-8487