RE: Allowing only 1 interface to connect to a network

[<Cony.Zhou () cpic-ing com cn>]

you can use a ISA between two network. use script to restrict which connection.



------------------------------------------------------------------ 
Pacific-Antai Life Insurance Company Limited 
IT  Department  Cony Zhou 周圣 
MCSE,MVP,CIW Security Analyst
TEL:    86-21-68863183*1938 
E-mail: Cony.zhou () cpic-ing com cn 
-----------------------------------------------------------------


 

-----Original Message-----
From: ListServ [mailto:knothead () clarksoncollege edu] 
Sent: Thursday, October 27, 2005 10:19 AM
To: security-basics () securityfocus com
Subject: RE: Allowing only 1 interface to connect to a network

Chances are you going to have to look at your routing table on the local machine. Depending on how you what the packets 
to flow use trace route to figure out which way data is going -- thru the moden or the dial-up connection. It is 
possible to dual gateway connections. Again look at your routing table how you want the data to flow.

________________________________

From: Pranav Lal [mailto:pranav.lal () gmail com]
Sent: Sat 10/1/2005 11:57 AM
To: security-basics () securityfocus com
Subject: Allowing only 1 interface to connect to a network



Hi all,

Suppose my computer is on a LAN. I have a modem connected to it. If I dial out via the modem, my computer will have 2 
ip addresses; one from the LAN and 1 from the dialup modem. Is there any way to not allow such a simultaneous 
connection? So, if I am on the LAN and if I try and dial out, the computer blocks that feature? or the reverse, that is 
if I am  on connected dialup and  I connect to a LAN the LAN connection is not allowed?

At the moment I am looking at Windows xp, 2000 and 2003 server.
However, I would also welcome tips on how to accomplish this in linux, solaris etc.

Pranav

---
[This E-mail scanned for viruses by Declude Virus]



---
[This E-mail scanned for viruses by Declude Virus]

-----------------------------------------------------------------------

注意：
本电子邮件所载的，是向收件人所发出的私人的、保密的讯息。如
您误收本邮件，请注意任何对该邮件的披露，复制、传播或使用的
行为均被严格禁止。就误收邮件的情况，请您以回复方式通知发件
人，并删除该邮件，不得打开或复制。
所有讯息和附件都已进行病毒检测。如本讯息附有密码保护的附件，
则太平洋安泰的邮件系统并没有对其进行病毒检测。

-----------------------------------------------------------------------

The information in this Internet email is confidential
and may be legally privileged.It is intended solely
for the addressee. Access to this Internet email by
anyone else is unauthorised.
 
If you are not the intended recipient, any disclosure,
copying,distribution or any action taken or omitted to
be taken in reliance on it, is prohibited and may be
unlawful. When addressed to our clients any opinions
or advice contained in this Internet email are subject
to the terms and conditions expressed in any applicable
governing Pacific-Antai's terms of business or client
engagement letter. 

Visit us at www.Cpic-Ing.Com.Cn

-----------------------------------------------------------------------