Security Basics mailing list archives

RE: Making a W2K with Internet Connection Sharing secure

From: "dave" <dave () REMOVETHIS netmedic net>
Date: Sat, 11 Jan 2003 18:39:38 -0500

Sarbjit,


Actually you could use TCP/IP Filtering it is only turned on or off for all
adapters, the settings per-adapter is unique to that adapter.

For more granular control you can download PktFilter from
http://www.hsc.fr/ressources/outils/index.html.en
You can thank Jean-Baptiste Marchand for that free tool it is fairly easy to
set up and use.  

 

Dave Kleiman
dave () netmedic net
www.netmedic.net

 


-----Original Message-----
From: Mike Moore [mailto:mike () moorecomputing net] 
Sent: Thursday, January 09, 2003 22:04
To: ssgill () gilltechnologies com; security-basics () securityfocus com
Subject: RE: Making a W2K with Internet Connection Sharing secure

If you can come up with a very low end pc take a look at www.ipcop.org .
It's a free Linux firewall that is very good in my opinion. They have a
great mailing list for support. Then go here
http://www.ipcop.org/cgi-bin/twiki/view/IPCop/IPCopDGHowto for Dan's
Guardian a URL filtering application that works with IPCop. Then the W2K
server and all workstations are protected. Just a thought.

Mike

-----Original Message-----
From: Sarbjit Singh Gill [mailto:ssgill () starhub net sg] 
Sent: Tuesday, January 07, 2003 10:06 PM
To: security-basics () securityfocus com
Subject: Making a W2K with Internet Connection Sharing secure

Greetings,

I am a part of a group of volunnteers who help with 
teaching underprivileged kids in orphanages.

we had some donation of softwares from Microsoft and 
hardware from HP and DSL connectivity from a local 
telco.

The setup looks something like this :
DSL modem connected to a multi homed Windows 2000 
Server. The W2K box is then sharing the ADSL 
connection via Internet Connection Sharing to the LAN 
made up of 10-25 PC running W98,WME and W2K Pro.

I need somekind of proxy/NAT/firewalling  and URL 
filtering capabilities on the W2K. They have to be 
free. We are sourcing for some netscreen stuff but do 
not know when it will come in. 

I can't use IP filtering in W2k as it affects all 
adapters. The LAN PCs use the server as a DC for 
policies and authentication. 

Right now the W2K server is connected to the internet 
with no security whatsoever.

Thanks in advance.

Gill

Sarbjit Singh Gill
ssgill () gilltechnologies com 

Powered by Gee! - Wireless Access Anywhere


---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.438 / Virus Database: 246 - Release Date: 1/7/2003

Current thread:

Making a W2K with Internet Connection Sharing secure Sarbjit Singh Gill (Jan 09)
- Re: Making a W2K with Internet Connection Sharing secure James-lists (Jan 10)
  - RE: Making a W2K with Internet Connection Sharing secure Sarbjit Singh Gill (Jan 13)
- RE: Making a W2K with Internet Connection Sharing secure Mike Moore (Jan 11)
  - RE: Making a W2K with Internet Connection Sharing secure dave (Jan 13)
    - RE: Making a W2K with Internet Connection Sharing secure Harold McMurtry (Jan 15)
    - RE: Making a W2K with Internet Connection Sharing secure Sarbjit Singh Gill (Jan 15)
- RE: Making a W2K with Internet Connection Sharing secure shawn (Jan 11)
- Re: Making a W2K with Internet Connection Sharing secure SFDC Admin (Jan 11)
- <Possible follow-ups>
- Re: Making a W2K with Internet Connection Sharing secure Chris Berry (Jan 11)
  - Re: Making a W2K with Internet Connection Sharing secure jeremy (Jan 14)
- RE: Making a W2K with Internet Connection Sharing secure Clinton McGuire (Jan 13)
- RE: Making a W2K with Internet Connection Sharing secure Hankes, Christopher A (Jan 15)
  - RE: Making a W2K with Internet Connection Sharing secure Sarbjit Singh Gill (Jan 15)
    - RE: Making a W2K with Internet Connection Sharing secure dave (Jan 17)

(Thread continues...)