Security Basics mailing list archives

Re: firewall on the same segment

From: Sebastian Schneider <ses () straightliners de>
Date: Wed, 10 Sep 2003 20:03:42 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

As far as I know that would just work out if your switch if configured in some 
"VLAN" way. I might be wrong.

Usually setting up a firewall within the same segment has no real effect, 
since no traffic will traverse it in a switched environment as long as the 
switch is not configured that way....but that sound very strange, however.

Sebastian


On Wednesday 10 September 2003 08:08, Fernando Serto wrote:

hi,

I always installed firewalls to prevent access from internet to the
internal network, or from one network to another, but I was asked to
install a firewall ON the LAN, to deny access to a few boxes. for example,
the network address is 192.168.100.0/24, firewall's ip is 192.168.100.1 and
I need to block access to a specific server which ip is 192.168.100.3. I
have to allow access only to a few users to this server. Is it possible to
deploy using iptables? On this company, they're using fwbuilder to
administer the firewall, I tried to block access from 192.168.100.4 to
192.168.100.3, but I couldn't... I can only deny access to the ips
configured in the firewall.

Thanks in advance.

Cheers,
Fernando



---

Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.506 / Virus Database: 303 - Release Date: 1/08/2003


---------------------------------------------------------------------------
Captus Networks
Are you prepared for the next Sobig & Blaster?
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
 - Precisely Define and Implement Network Security
 - Automatically Control P2P, IM and Spam Traffic
FIND OUT NOW -  FREE Vulnerability Assessment Toolkit
http://www.captusnetworks.com/ads/42.htm
---------------------------------------------------------------------------
-


- -- 

Sebastian Schneider
straightLiners IT Consulting & Services
Metzer Str. 12
13595 Berlin
Germany

Fon: +49-30-3510-6168
Fax: +49-30-3510-6169
www.straightliners.de
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/X2d/Q7mOWZBxbPcRAmweAKCL8CA95Db4Sq1GSkqmTCOGFty9lgCff9In
oK55oRcLwfJBe/ZShQCeCaA=
=u35L
-----END PGP SIGNATURE-----


---------------------------------------------------------------------------
Captus Networks
Are you prepared for the next Sobig & Blaster?
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
 - Precisely Define and Implement Network Security
 - Automatically Control P2P, IM and Spam Traffic
FIND OUT NOW -  FREE Vulnerability Assessment Toolkit
http://www.captusnetworks.com/ads/42.htm
----------------------------------------------------------------------------

Current thread:

firewall on the same segment Fernando Serto (Sep 10)
- Re: firewall on the same segment irado furioso com tudo (Sep 10)
- Re: firewall on the same segment Sebastian Schneider (Sep 10)
- Re: firewall on the same segment Dana Epp (Sep 10)
- Re: firewall on the same segment Preston Newton (Sep 10)
- Re: firewall on the same segment Ansgar Wiechers (Sep 10)
- RE: firewall on the same segment David Gillett (Sep 10)
- Re: firewall on the same segment Gabriel Orozco (Sep 10)
- <Possible follow-ups>
- RE: firewall on the same segment LordInfidel (Sep 10)