Hi Scott,
My VPN connections are handled by the router/firewall/gateway (ipcop.org),
not by a separate VPN client network adapter, so the multiple network
interface idea wouldn't work for me. I appreciate that you don't want
kaboodle to be misused and classed as a threat by AV progs. How about some
tick boxes for additional ip addresses (and mask options) for the officially
designated *PRIVATE* ip address ranges:
10.0.0.0 - 10.255.255.255 (10/8 prefix)
172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
... also allowing more restrictive mask options than above (e.g.
192.168.131/24, or 172.31.16.0/24)
I've taken the above ranges from http://www.faqs.org/rfcs/rfc1918.html .
These addresses are guaranteed not to exist on the real internet.
Taking that one stage further, the additional ability to add *single*
internet hosts (in the public IP address ranges) would solve the mail server
requirement for me, and stop people doing completely stupid things like
trying to scan the whole internet accidentally.
Useful ideas? Keep up the good work! Thanks! Warwick. PS BTW have you seen
www.networkview.com?
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Scott Best
Sent: 23 October 2005 19:03
To: Warwick Grigg
Cc: kaboodle-user@lists.sourceforge.net
Subject: Re: [Kaboodle-user] Other routable networks
Warwick:
Heya. Yes, that's a popular request. The problem is, if Kaboodle
allowed
the end user to specify a network range to scan, a lot of user would
set it up
(probably accidently) to scan large parts of the Internet. :) I could
try to limit
the scan range, by requiring users to pick networks that we some small
number of "hops" away, but that gets pretty tricky to enforce as well.
What we're going to do in Kaboodle 2.0 is to enable Kaboodle to scan
the /24 range on *all* of it's active network interfaces. So when you
VPN, a
virtual interface is created, and Kaboodle will scan it.
Hope that helps!
-Scott
On Oct 23, 2005, at 10:12 AM, Warwick Grigg wrote:
> Is it possible to scan/discover other networks outside the LAN,
> reachable via the router, without needing getEngaged? For example,
> from my home LAN (192.168.0.0/24) I can reach my office LAN
> (172.31.16.0/24) via my router's IPSec VPN, my public web server
> (mypublicwebserver.com), my public mail server
> (mypublicmailserver.com) etc, but kaboodle will only scan
> 192.168.0.0/24 . It would be really nice to add other network pages
> that can be reached directly without having to install kaboodle on
> each. Is this possible, or planned for a future release? Thanks.
> Warwick.
-------------------------------------------------------
This SF.Net email is sponsored by the JBoss Inc.
Get Certified Today * Register for a JBoss Training Course
Free Certification Exam for All Training Attendees Through End of 2005
Visit http://www.jboss.com/services/certification for more information
_______________________________________________
Kaboodle-user mailing list
Kaboodle-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/kaboodle-user
To UNSUBSCRIBE, click on the above link.
-------------------------------------------------------
This SF.Net email is sponsored by the JBoss Inc.
Get Certified Today * Register for a JBoss Training Course
Free Certification Exam for All Training Attendees Through End of 2005
Visit http://www.jboss.com/services/certification for more information
_______________________________________________
Kaboodle-user mailing list
Kaboodle-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/kaboodle-user
To UNSUBSCRIBE, click on the above link.
