On Thursday 23 January 2003 08:20 pm, freeman wrote: > My questions are: 1) what is the best way to protect my PC's from her > PC? The thought that comes to mind is to have eth0=internet, > eth1=privateLAN_me, eth2=privateLAN_her. > > Normally eth2 is used for a DMZ so I'd expect that there are some > significant config things to be done to achieve eth2 as a private LAN.
That will work fine. If you don't want her to have access to your other LAN segment, don't add a route for her to do so. > Should I work towards this 4-nic setup, or can I have her and I coexist > safely on the same eth1 interface? If My PC's are 192.168.0.x/24 and her > PC is 192.168.1.x/24 are we separate enough? I use MS file-sharing > between my PC's but don't want her PC to be able to access my PC's via > MS sharing. It should protect you perfectly if a route isn't built for her to do so. IIRC, Shorewall doesn't support over 3 interfaces. > I'll speculate that if I have NetBIOS and NetBEUI disabled on both our > boxes, that any MS sharing would have to transit over TCP/IP and thus I > can control it via the Bering box? NetBEUI isn't routable and NetBIOS is built into TCP/IP, so you would have to disable NetBIOS over the TCP/IP settings on her box _if_ you add the route. So disabling both boxes wouldn't open either machine to this traffic. -- ~Lynn Avants Linux Embedded Appliance Firewall developer http://leaf.sourceforge.net ------------------------------------------------------- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
