Security Basics mailing list archives
Re: Suggestions for a secure home network
From: "Aaron Rohyans" <aaronr () imcu com>
Date: Tue, 11 Apr 2006 14:36:58 -0400
I would get the DSL or Cable....buy a couple extra static IPs. Put a switch right after the cable modem (a DMZ if you will) and hang a wireless router off of it with one of the public IPs for the wireless MACs. Then, using a separate public IP and another switchport, hang a wired router (Cisco for example) and set up access-control lists within it to deny all inbound traffic from the wireless router sitting in the DMZ. Even if the MACs get hacked, they wouldn't be able to contact the PCs, which effectively are sitting on your "protected" network.
My two cents, Aaron----- Original Message ----- From: "Edmond Chow" <echow () videotron ca>
To: <security-basics () securityfocus com> Cc: <echow () videotron ca> Sent: Sunday, April 09, 2006 11:14 PM Subject: RE: Suggestions for a secure home network
Hello List, I am looking to put together a home network for a high-end client of mine and would like your opinion on what type of equipment to use. Here's an overview of his requirement: - Two MACs (for his kids) on a wireless network - Two PCs on a wired network - these two PCs have sensitive information on them. These computers would not be used for remote access but only forinternet and email access. I am thinking of adding hard drive encryption tothese two computers. I'm thinking of three approaches and would like your thoughts: #1 - Use a cable modem with non-wireless router for his two PCs and use aseparate DSL modem with wireless router for his two MACs. Double the monthlycost for internet access but there is no chance that hackers entering through the MACs will be able to access his PCs. #2 - Use a router (I was thinking of something like an Astaro router or Cisco router) for the PCs and then connect a Linksys wireless router withWPA security to the first router. The wireless router would be used for thetwo MACs.#3 - Use a wireless router with WPA security for the wireless MACs and thenhard wire the two PCs to the non wireless router ports on the back of the wireless router.Any thoughts you would have would be greatly appreciated. Any manufacturersand or models you could suggest would also be much appreciated. Thanks. Regards, Edmond ------------------------------------------------------------------------- This List Sponsored by: Webroot Don't leave your confidential company and customer records un-protected. Try Webroot's Spy Sweeper Enterprise(TM) for 30 days for FREE with no obligation. See why so many companies trust Spy Sweeper Enterprise to eradicate spyware from their networks. FREE 30-Day Trial of Spy Sweeper Enterprise http://www.webroot.com/forms/enterprise_lead.php -------------------------------------------------------------------------- ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________
------------------------------------------------------------------------- This List Sponsored by: WebrootDon't leave your confidential company and customer records un-protected. Try Webroot's Spy Sweeper Enterprise(TM) for 30 days for FREE with no obligation. See why so many companies trust Spy Sweeper Enterprise to eradicate spyware from their networks.
FREE 30-Day Trial of Spy Sweeper Enterprise http://www.webroot.com/forms/enterprise_lead.php --------------------------------------------------------------------------
Current thread:
- Internet port scanning - access as a definition Craig Wright (Apr 07)
- RE: Suggestions for a secure home network Edmond Chow (Apr 11)
- Re: Suggestions for a secure home network Aaron Rohyans (Apr 11)
- RE: Suggestions for a secure home network David Gillett (Apr 11)
- Re: Suggestions for a secure home network paul.johnson8 () gmail com (Apr 12)
- Re: Suggestions for a secure home network Alexander Bolante (Apr 12)
- Re: Suggestions for a secure home network Phunkodelic (Apr 13)
- Re: Suggestions for a secure home network Alexander Bolante (Apr 13)
- Re: Suggestions for a secure home network Phunkodelic (Apr 17)
- Re: Suggestions for a secure home network James Harless (Apr 18)
- RE: Suggestions for a secure home network Edmond Chow (Apr 11)