Security Basics mailing list archives
RE: tcp/ip routing question / router design EDITED
From: "first last" <in5ecure24 () hotmail com>
Date: Sun, 16 May 2004 06:23:20 -0400
Hello everyone Thank you for your replys,Ok heres my problem, I am missing one peice of my designed network. I need 3 PCs working as clients or servers, and a device to route between them, and my internet connection. Now the peice im missing is the router, id like to use a PC or the DSL router to route my traffic untill i get my other pc running (which is to be the router).
Im having rouble deciding which one to use,i can use the DSL as the router but im restricted to one LAN that way (so i cant physicaly seperate my LAN and DMZ...), tho i can set up PAT/NAT on the DSL to 1 pc on the LAN.
ORi can use a pc as my router and loose a server from my network, but this was i can set up IPSec RRAS.... i already have a server sitting right next to me w. the 3 nics in it i just cant decide which to go w/
so what do you guys think? i figure ill los a bit of security if i use the dsl, but ill loss a server if i go w/ the pc. so, DSL, PC or OTHER
Thanks once again
From: "first last" <in5ecure24 () hotmail com> To: security-basics () securityfocus com, firewalls () securityfocus com Subject: tcp/ip routing question / router design Date: Thu, 13 May 2004 00:39:54 -0400 hello everyoneI have a question bout which way is a better implementation for a router, heres my situation.I have a dsl "modem" that is a router, but it only has 1 ethernet port. im saposed to plug the dsl stright into my pc but im not, i have both connected via a switch and everything worked instantaly, so im assuming i can plug my servers into the switch and run my network.What i am trying to do is set up a DMZ, and my LAN to the internet. the first way i was going to do this was via a software router/multihoned pc (3 nics 1 for each network) and set up a firewall and routing ect ect, on that pc to securly route my networks.1 problem is if i use only the dsl as a router (isp -> dsl -> switch -> pcs) then what do i do about having seperate networks for my LAN and DMZ and internet conectivity? on the otherhand...If i use a pc as a router seperating my DMZ and LAN is very easy since i have a nic for each and 1 for my dsl. i dont see why i cant do this but, this will consume a pc, and i dont realy have an extra one.so my main question is which way do i go w/ or is there other good options, mind you money funds are low so simply buying a hardware router isnt realy an option. My dsl has options for setting up a public and privet lan, but its not like i can physicaly distinguish between the two.So im pretty much just looking for the best way to set this up (from a security standpoint) and recomendations, help, feed back is GREATLY apricated - thank you_________________________________________________________________FREE pop-up blocking with the new MSN Toolbar get it now! http://toolbar.msn.com/go/onm00200415ave/direct/01/---------------------------------------------------------------------------Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html----------------------------------------------------------------------------
_________________________________________________________________ Check out the coupons and bargains on MSN Offers! http://youroffers.msn.com ---------------------------------------------------------------------------Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
Current thread:
- RE: tcp/ip routing question / router design EDITED first last (May 17)