[Freedombox-discuss] A project to co-operate with?

Karlheinz Meier freedombox at karlheinz-meier.de
Tue Jul 19 08:47:26 UTC 2016 

Am 18.07.2016 um 10:57 schrieb Anders Jackson:
> > Can you think of any downsides of such a config?

Hi.

my post shall not be negative, I am just listing the downsides
I can think of currently.
Possible solution: Enable seperate IP per Service.
So I have "freedombox" as one Ip and perhaps just one other for one
special service.


Yes, there is a downside:
If you think about the "common people" who just "buy a freedombox",
they currently can just rely to "the freedombox is ....".
You can even just enter "freedombox" into the application and then it works.
(because of Laziness I do this in putty and the browser rather than the ip)

>> would it be then that those dns records for the internal network
would get
made automatically ?

So I don't have to worry about where it is, when I  type
"ssh.freedombox" into putty ?
(same for any other Service)

Another Downside: If you mesh / share your network, you are blocking a
lot of IPs.
I specifically think about meshing to Freifunk with the freedombox,
they use the 10.xxxx in their network for normal IP assignment, which is
then a normal
IP in their neworks. As they have relatively big networks (for a whole
city), 10 frreomboxes
make then 100 client-ips.
(I currently don't care about how NAT for intern and extern is implemented,
perhaps the IP is just intern and you only get ONE external IP or so)

Last Downside:
In terms of security it's then just a DNS lookup to see your services
running.
I am not a security expert, but against port-scanning and port-probing,
there are certain concepts like "if you try 5 ports in a row, you get no
further info",
and so on. don't know, whether this is an issue, but could be.

*I suggest to make this an option per service.*
Along with custom Names.
mail.freedombox..... then connects to Freedombox' Mail service :)

Kind Regards from Germany,
Karlheinz Meier

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20160719/d274ee4e/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20160719/d274ee4e/attachment.sig>

More information about the Freedombox-discuss mailing list