On Sunday 11 March 2007 23:08, Ian Cheong wrote: > Has anyone has bothered with separately firewalled home networks?? > (IE practice remote location at GPs home separate from home network)
Our wireless networks both at home, at the practice, and at the hospital are entirely separate from the wired networks (eg different subnets, not bridged). The only way to log onto a clinical machine (even from within the network) is now via ssh or ssh X forwarding, single port, heavily guarded, all other ports blocked. Tools like fail2ban ensure that nobody (= no originating IP number) gets more than 3 tries before they are out when attempting to break in by brute force Now, THAT is simple and fool proof. Horst _______________________________________________ Gpcg_talk mailing list [email protected] http://ozdocit.org/cgi-bin/mailman/listinfo/gpcg_talk
