Security Basics mailing list archives
RE: Internal POP3 users
From: "Steve McLaughlin" <steve () Lan com au>
Date: Thu, 4 Mar 2004 18:26:16 +1100
You could put a second network card in, and use this as the only connection to their network, then assign a scope with dhcp for their network and assign it to their interface only. You could also use port filtering to block all traffic in both directions traffic except dhcp traffic. Also remove any routes to and from the new interface. This will create 2 separate broadcast domains, so all your packets will stay on your side of the fence. With a little obscure security on top of that... Im guessing what your topology looks like here. steve mclaughlin | enlite technologyR (MCSE:Security, CCNA, Security+, A+, Network+, Server+) -----Original Message----- From: Christopher Herrmann [mailto:CHerrmann () oddfellows com au] Sent: Wednesday, 3 March 2004 12:01 PM To: Security-Basics (E-mail) Subject: Internal POP3 users Hi, I have a number of users sharing our Internet connection who do not authenticate to my NT network (they are to all intents and purposes, different companies in the same building). However they all use the same DHCP service (from my NT server). This is a major security concern. What are some of the ways I might separate the traffic generated on their machines from my main network? I understand segmentation is one option, but how do I distinguish between those machines? Should I move the DHCP to the router for instance? Any ideas would be welcome. Christopher Herrmann IT Manager ======================================================================== This message has been scanned for spam & viruses by Mail Sleuth. To report SPAM forward the message to: spam () mailsleuth com au Mail Sleuth www.mailsleuth.com.au ======================================================================== -------------------------------------------------------------------------- - Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN, wireless security Protect your network against hackers, viruses, spam and other risks with Astaro Security Linux, the comprehensive security solution that combines six applications in one software solution for ease of use and lower total cost of ownership. Download your free trial at http://www.securityfocus.com/sponsor/Astaro_security-basics_040301 -------------------------------------------------------------------------- --
Attachment:
smime.p7s
Description:
Current thread:
- Internal POP3 users Christopher Herrmann (Mar 03)
- RE: Internal POP3 users David Gillett (Mar 03)
- Re: Internal POP3 users steve (Mar 04)
- RE: Internal POP3 users Aditya, ALD [Aditya Lalit Deshmukh] (Mar 04)
- RE: Internal POP3 users Steve McLaughlin (Mar 04)
- RE: Internal POP3 users David Gillett (Mar 03)