Hello,
Most of answers I received suggest me to set up a firewall. (My router seems to have this ability.) But a firewall to block what ? Excepted for the router, computers can't be "to uch" from outside of the LAN, since they have private adresses. The most important risk seems to be about worms, trojans, or java and javascript applications... Some of answers talk about proxies, to prevent this kind of problems. I can't see what improvement of security a proxy brings generally, and in particular in the case of worms & Co, specially with regard to a firewall... If you know the answer (or a web site about that), i'm very interested ! What do you think about this configuration, for the firewall's router : - ingoing packets : SYN packets blocked (for me, useless -> private addresses) - outgoing packets : every packets blocked, except those where destination is web, smtp, pop port. (Working context -> no irc, ....) Is it an useful and effective configuration ? Regards, -- Gilles Poiret Gilles Poiret a écrit, samedi 29 décembre 2001, à 16:21 : > Hello, > > I plan to give my company access to Internet. My ISP propose me partial-time access >(20h) on a RNIS solution, with a router, a single IP address (dynamic), so using >private addresses for computers on my LAN. > > This offer doesn't include security stuff (excepted for e-mails). > So I'm wondering about risk for my network. > For me, the risk is null : private addesses are ... private, and no IP services are >running on workstations. > But I may be wrong ! > > So I appreciate advices. > Thanks, > > and Happy New Year ! > > -- > Gilles POIRET > > > My LAN : > a Windows NT 4 Server, and 10 workstations with Windows 98. > > >
