The untrusted box is behind the ADSL router only, so has exactly the same
protection as it currently has
And that is the problem.
It is an ineffective solution with several additional problems. It is not
something I could recommend.
As for the hassle of reconfiguring on the current network,
** Rob Malpass li...@getiton.myzen.co.uk [2011-05-07 09:50]:
Moving house shortly which means, for the first time, I have to have my
father in law on my network. Now while he's no hacker, he is fond of
fiddling and has managed to crash his (Windows) machine so badly over the
years that
If you connect the 'internet'
side to the ADSL router you effectively put anything connected directly to
the
ADSL router into a sort of DMZ (sort of since it is still firewalled as
normal,
so not really a proper DMZ) with a separate IP address range that is
firewalled
off from the rest of
Eclipse used to do multiple IP addresses, I don't know if your ISP does. If
so, you could do this with 3 devices: ADSL router and 2x ethernet routers,
then you set up 2x standard NAT one on each IP address. That'll safely
separate the networks.
Benjie.
On 9 May 2011 16:43, Vic l...@beer.org.uk
** Vic l...@beer.org.uk [2011-05-09 16:44]:
If you connect the 'internet'
side to the ADSL router you effectively put anything connected directly to
the
ADSL router into a sort of DMZ (sort of since it is still firewalled as
normal,
so not really a proper DMZ) with a separate IP
-Original Message-
From: hampshire-boun...@mailman.lug.org.uk [mailto:hampshire-
boun...@mailman.lug.org.uk] On Behalf Of Andy Smith
Sent: 07 May 2011 09:57
To: hampshire@mailman.lug.org.uk
Subject: Re: [Hampshire] Networking for Dummies
More info needed.
How will his
Hi Rob,
On Sun, May 08, 2011 at 10:08:41AM +0100, Rob Malpass wrote:
He's running one W7 machine and will be connected via cable to a hub.
Sounds like ipcop or something similar is the way to go - though I must
admit I'm sorely tempted to get a cheap ISP and put it down our second phone
Hi all
Moving house shortly which means, for the first time, I have to have my
father in law on my network. Now while he's no hacker, he is fond of
fiddling and has managed to crash his (Windows) machine so badly over the
years that nothing short of a full reinstall has fixed it. His
Hi Rob,
On Sat, May 07, 2011 at 09:49:29AM +0100, Rob Malpass wrote:
What I want is to keep him isolated so he can't even see any network
devices, printers - just let him share the connection.
More info needed.
How will his computer(s) connect to your LAN? Direct connection to a
switch? WiFi?
What I want is to keep him isolated
That's always a good plan with relatives :-)
Do you have a server running? That makes life very easy.
Add a second network card to it. This will form your untrusted network.
Set your machine to forward IP packets between interfaces (echo 1
On 07/05/2011 09:59, Vic wrote:
What I want is to keep him isolated
That's always a good plan with relatives :-)
Do you have a server running? That makes life very easy.
If you want WiFi on that network, set up another WiFi router and connect
one of its LAN ports to you untrusted
If you have a relatively powerful spare PC, use pfSense. This has AV proxy,
Snort w/ ET THREATS standard rules (VPS if you pay snort for them). It also
supports a wealth of other things not found in SOHO routers, or router
distros.
You can easily firewall, segregate, bridge or whatever into
On Saturday 07 May 2011 12:41:55 Ian Grody wrote:
If you have a relatively powerful spare PC, use pfSense.
By this, I use a P3 533MHz w/ runs snort and av proxy fine. This box handles 34
users at any one time too! :-)
This has AV proxy,
Snort w/ ET THREATS standard rules (VPS if you pay
13 matches
Mail list logo
