Security Basics mailing list archives

RE: tcp/ip routing question / router design EDITED


From: "first last" <in5ecure24 () hotmail com>
Date: Sun, 16 May 2004 06:23:20 -0400

Hello everyone,
Thank you for your replies.

OK, here's my problem: I am missing one piece of my designed network. I need 3 PCs working as clients or servers, and a device to route between them, and my internet connection. Now the piece I'm missing is the router; I'd like to use a PC or the DSL router to route my traffic until I get my other PC running (which is to be the router).

I'm having trouble deciding which one to use.

I can use the DSL as the router, but I'm restricted to one LAN that way (so I can't physically separate my LAN and DMZ...), though I can set up PAT/NAT on the DSL to 1 PC on the LAN.

OR

I can use a PC as my router and lose a server from my network, but this way I can set up IPSec RRAS.... I already have a server sitting right next to me with the 3 NICs in it; I just can't decide which to go with.

So what do you guys think? I figure I'll lose a bit of security if I use the DSL, but I'll lose a server if I go with the PC. So: DSL, PC or OTHER?

Thanks once again



From: "first last" <in5ecure24 () hotmail com>
To: security-basics () securityfocus com, firewalls () securityfocus com
Subject: tcp/ip routing question / router design
Date: Thu, 13 May 2004 00:39:54 -0400

Hello everyone,

I have a question about which way is a better implementation for a router; here's my situation.

I have a DSL "modem" that is a router, but it only has 1 Ethernet port. I'm supposed to plug the DSL straight into my PC but I'm not; I have both connected via a switch and everything worked instantly, so I'm assuming I can plug my servers into the switch and run my network.

What I am trying to do is set up a DMZ, and my LAN to the internet. The first way I was going to do this was via a software router/multihomed PC (3 NICs, 1 for each network) and set up a firewall and routing etc. etc. on that PC to securely route my networks.

1 problem is if I use only the DSL as a router (ISP -> DSL -> switch -> PCs) then what do I do about having separate networks for my LAN and DMZ and internet connectivity? On the other hand...

If I use a PC as a router, separating my DMZ and LAN is very easy since I have a NIC for each and 1 for my DSL. I don't see why I can't do this, but this will consume a PC, and I don't really have an extra one.

So my main question is which way do I go with, or are there other good options? Mind you, money funds are low, so simply buying a hardware router isn't really an option. My DSL has options for setting up a public and private LAN, but it's not like I can physically distinguish between the two.

So I'm pretty much just looking for the best way to set this up (from a security standpoint), and recommendations, help, feedback are GREATLY appreciated - thank you
