Home page logo
/

basics logo Security Basics mailing list archives

RE: Protecting Multiple Public IP Workstations
From: "Mike" <mike () superiorholidayadventures ca>
Date: Fri, 27 Feb 2004 10:06:01 -0500

Hey Everyone :)

Hey Matt!

We've got a client who (for various reasons) has a network (that's
currently p2p), and all the workstations (6) have public IP addresses.
It's a windows network (mixed 98 and 2000), and we're putting in a new
server (win2k) Just wondering how to best protect this network?

First get these off the network and look for backdoors.  Do you
currently have any sort of fw installed on these?  As well as a
anti-virus program?  How current are the patches for these computers?

My two thoughts are:

1) To use firewalls at the client level (don't like this idea)

It's a good start, but not recommended.

2) To use RRAS on the server, and have the server route all the public
IP's through it first, and then run some sort of firewall on the
server.

I wouldn't recommend that either.  I very much dislike the idea of
attaching a server (especially, since it holds corporate data) directly
to the internet.  Get one of those cheap internet sharing routers, or
turn an older workstation into a firewall (w/linux or a bsd).  If you
choose the latter, you can even do traffic shaping.

Mike Fetherston

---------------------------------------------------------------------------
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]