The thing that gets me is that he will have to route SMB(net bios) anyways,
so what do you achieve..?! Host based security would probablly be just as(if
not more) effective in this case. If the box is Win2k then you can do some
Advanced IP filtering KungFoo to block ports, IPs, Protocols.. Host based
security is going to be cheaper and easier to manage, in most cases. As
most people have stated it isn't a question of can you do this, rather it is
why do you want to do this?
John
-----Original Message-----
From: Ed Esgro [mailto:EdE@;stainsafe.com]
Sent: Thursday, November 07, 2002 12:51 PM
To: NT 2000 Discussions
Subject: RE: Moving PDC behind firewall
I am really curious what you are trying to prevent people from doing to your
PDC? There are better ways to protect it.
Ed
-----Original Message-----
From: Andrew S. Baker [mailto:ListMember@;UltraTech-llc.com]
Sent: Wednesday, November 06, 2002 6:23 PM
To: NT 2000 Discussions
Subject: RE: Moving PDC behind firewall
For the PDC to work at all, you'll need to open up a few ports...
ASB
Technology Integration Specialist
http://www.ultratech-llc.com/KB
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:bounce-nt2000-136492@;ls.swynk.com] On Behalf Of /dev/null
Sent: Wednesday, November 06, 2002 12:59 PM
To: NT 2000 Discussions
Subject: Re: Moving PDC behind firewall
Thanks everyone for the info on this admittedly weird request.
Everyone has asked why, here's the reason:
> It's clear (to me at least)the "trusted" LAN is being redefined.
We're wanting to insulate the PDC from the users.
Ed Esgro said "PDC will run but it will not be the master browser for
your 10.x.x.x network it will be the master browser for your 192.x.x.x
network". If we put the PDC and user computers on the same logical
(10.*) network with this firewall/router in-between the PDC and users
and set the firewall/router to only forward the protocols we wanted,
would this allow the PDC to be the master browser? I'm assuming the
answer is yes.
Thanks again for everyone's help.
------
You are subscribed as [EMAIL PROTECTED]
Archives: http://www.swynk.com/sitesearch/search.asp
To unsubscribe send a blank email to %%email.unsub%%
*****This email and any files transmitted with it are confidential and
intended solely for the use of the addressee. If you have received this
email in error please notify [EMAIL PROTECTED] Any views or opinions
presented in this email are solely those of the author and do not
necessarily represent those of Stainsafe Inc. or any of its subsidiaries or
affiliates. The company accepts no liability for any damage caused by any
virus transmitted by this email.*****
------
You are subscribed as [EMAIL PROTECTED]
Archives: http://www.swynk.com/sitesearch/search.asp
To unsubscribe send a blank email to %%email.unsub%%
------
You are subscribed as [email protected]
Archives: http://www.swynk.com/sitesearch/search.asp
To unsubscribe send a blank email to [EMAIL PROTECTED]
