RE: Sharing a DSL line

["Andrew" <andrew () auliya org>]

Thanks for the mail, this is precisely the setup I'm doing - fairly basic
question but then it never hurts to ask! My query really centred around the
idea that, in terms of TCP/IP, the status of a wireless user is the same as
any other internet user. That's now been confirmed, so thanks!

Andrew


-----Original Message-----
From: Burton M. Strauss III [mailto:BStrauss () acm org] 
Sent: 01 April 2004 23:25
To: security-basics () securityfocus com
Cc: Andrew
Subject: RE: Sharing a DSL line


Sure -- (assuming the TOS of the ISP allows it).  You will need to make sure
you can pull a 2nd public IP.  Then it looks like this:

                  +---+
                  +   +----Router1 (Private)----Users
Internet---ISP----+HUB+
                  +   +----Router2 (Public)-----Users
                  +---+

Somebody behind R2 is just like anyone else on the 'net.

Assuming that the R2 people don't need any special access to R1 stuff, this
is the safest way to set it up - no fooling w/ DMZs or special firewall
rules.  If you do have the occasional user behind R2 who needs access,
consider setting up a VPN!


-----Burton

> -----Original Message-----
> From: Andrew [mailto:andrew () auliya org]
> Sent: Thursday, April 01, 2004 8:43 AM
> To: security-basics () securityfocus com
> Subject: Sharing a DSL line
>
>
> Hello,
>
> I am considering sharing a DSL line for both a staff and a public 
> network, the public one wireless, the staff one hard-wired. Both will 
> lie behind firewall routers, so theoretically any potential attacker 
> from the inside would be in the same position as an intruder from the 
> internet. Is this correct?
>
> Thanks,
>
> Andrew
>
>
>
> ------------------------------------------------------------------
> ---------
> Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 
> off any course! All of our class sizes are guaranteed to be 10
> students or less
> to facilitate one-on-one interaction with one of our expert instructors.
> Attend a course taught by an expert instructor with years of in-the-field
> pen testing experience in our state of the art hacking lab.
> Master the skills
> of an Ethical Hacker to better assess the security of your organization.
> Visit us at:
> http://www.infosecinstitute.com/courses/ethical_hacking_training.html
> ------------------------------------------------------------------
> ----------




---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------