Security Basics mailing list archives

RE: jeckyl hyde network


From: "Burton M. Strauss III" <BStrauss () acm org>
Date: Thu, 10 Apr 2003 11:35:14 -0500

Get additional IP addresses from the Cable Co (IIRC, ATTbi used to lease
them for $4.95/month).  Install a personal firewall like Norton, ZA,
whatever makes you happy and put a hub for them to connect to in front of
the Linksys.

----CM----Hub----Linksys---192.168.1.0/24 'biz'
           \-----Kids

If you really want to separate them and give the kids more than one
computer, get a 2nd Linksys (they're available for $35 if you catch a
discount) and hub them.

----CM----Hub-----L1----192.168.1.0/24 'biz'
               \--L2----192.168.1.0/24 'kiddy'

The fact that they're the same IPs is irrelevant because the NAT in the
Linksys box takes care of it.  To the world they'll have two separate IPs
assigned from the CableCo.

They can do everything they want, except see across the kiddy divide...

You can even set up the Linksys to port-forward ssh traffic to one machine on
the Biz net, so you could ssh to it.  But that's a Unix thing.


-----Burton


-----Original Message-----
From: Mada Dulate [mailto:madadulate () hotmail com]
Sent: Wednesday, April 09, 2003 12:42 PM
To: security-basics () securityfocus com
Subject: jeckyl hyde network



Hi all,

I have a homenet with 9 computers, mostly for playing and learning, but I
also run my business on it.  I believe I keep a pretty tight ship, but
sometimes while I'm in the process of playing, well, you know...

It's never been particularly fun for the kids because of the locking down,
but I can keep the horde back no more.

I want (need) to set up a couple of computers that are open for the kids to
use IM, do what they want with the desk and load crap they want to load.
Basically they need everything open so they can learn.

I have some unmanaged hubs, Cisco switches (2900) and flexibility in the
wiring.  Fly in the ointment is a single cable modem and an 8 port Linksys
router.

Right now I run 2k and XP with a 4.0 server.  No flavours of *nix.

Oh, yeah, and right now - zero budget.

I'd like to solicit advice on configurations for isolating the play side from
the work side.  Can this be done practically and still have access to the
cloud from all terminals?

Any help for a relative newbie would be greatly appreciated!

Thanks!

Mada
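
Added example (not part of the original messages): a small Python model of the two-router layout in the reply, showing why the identical 192.168.1.0/24 ranges do not collide and that an ssh port-forward on the biz router is reachable from the kiddy side as well as from the Internet. The NatRouter class, the WAN addresses and the host addresses are constructed for illustration and simplify real NAT behaviour.

```python
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network

LAN = ip_network("192.168.1.0/24")   # both routers use this range inside

@dataclass
class NatRouter:                      # hypothetical model, not Linksys firmware
    name: str
    wan_ip: str                       # constructed public address
    forwards: dict = field(default_factory=dict)  # wan port -> (lan ip, lan port)
    sessions: dict = field(default_factory=dict)  # wan port -> session tuple
    next_port: int = 40000

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """LAN host sends a packet; return it as seen on the WAN side."""
        if ip_address(dst_ip) in LAN:
            return None               # private destination: never leaves this LAN
        wan_port, self.next_port = self.next_port, self.next_port + 1
        self.sessions[wan_port] = (src_ip, src_port, dst_ip, dst_port)
        return (self.wan_ip, wan_port, dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_port):
        """Packet arrives on the WAN; return the LAN target, or None if dropped."""
        if dst_port in self.forwards:
            return self.forwards[dst_port]        # open to any WAN-side sender
        s = self.sessions.get(dst_port)
        if s and (s[2], s[3]) == (src_ip, src_port):
            return (s[0], s[1])                   # reply to an existing session
        return None                               # unsolicited: dropped

def scenario():
    biz = NatRouter("L1", "203.0.113.10", forwards={22: ("192.168.1.5", 22)})
    kiddy = NatRouter("L2", "203.0.113.11")
    kid = "192.168.1.5"               # same private address as the biz ssh host
    r = {}
    # Kid aims at the biz host's private address: it stays on the kiddy LAN.
    r["private_addr"] = kiddy.outbound(kid, 5000, "192.168.1.5", 445)
    # Kid aims at L1's WAN address on a port with no forward: dropped at L1.
    p = kiddy.outbound(kid, 5001, biz.wan_ip, 445)
    r["smb_via_wan"] = biz.inbound(p[0], p[1], p[3])
    # Kid aims at the forwarded ssh port: L1 delivers it to the biz host.
    p = kiddy.outbound(kid, 5002, biz.wan_ip, 22)
    r["ssh_via_wan"] = biz.inbound(p[0], p[1], p[3])
    # A biz host browses out; the reply is let back in through its session.
    out = biz.outbound("192.168.1.20", 6000, "198.51.100.7", 443)
    r["reply"] = biz.inbound("198.51.100.7", 443, out[1])
    return r

if __name__ == "__main__":
    for case, result in scenario().items():
        print(f"{case:13} -> {result}")
```

The ssh_via_wan case is the one to weigh before enabling the forward: the forwarded port is the single path across the divide, so the machine behind it needs its own hardening.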
