David, 1. You might want to ask this on the expert list.
2. My home network is very similar to yours, coax instead of hub, dial up instead of DSL, and a Dos box running IPROUTE instead of Windows with ICS. I don't know exactly what ICS does, but IPROUTE ($50 shareware from, darn, can't remember his name -- I can post a link if anyone is interested) is a NAT type system. I run it without a firewall and it seems to be very secure -- whenever I check it at one of those "port scanner" sites it comes back saying it can't find any ports or they are all stealth. So, if Windows ICS is a NAT type thingy, a firewall might not be required. (Of course, without knowing for sure, one might say a firewall can't hurt.) IIUC, a NAT type system is very resistant to external attacks. When one of your local computers goes out to a web site, the NAT device keeps track of the IP you are trying to get to, and only allows stuff from that IP back into your network. (It also keeps track of which of your local computers asked for that information, so it is sent back to the correct local computer.) I understand I might have some difficulty if I tried to run a VPN throught the NAT device, and we have had trouble with games -- computers on my network cannot easily serve as servers for Internet games, but can connect to other servers to play games. Try one of those port scanning sites -- one is: http://www.mycgiserver.com/servlet/kalish.Security Randy Kramer David wrote: > > Hello everyone. > > Okay, I realize this is a drawn out post so I'll apolgize now. Sorry > it's so long :) > > I think I have finally settled on a setup for now on how to split my > dsl line to my other home computers. This is what is looks like right > now...... > _____________________________________________________ > INTERNET > | > | > IBM P133 win98 DCHP > Quest DSL w/Pro 2200 dsl modem > | > | > 3com Office Connect Hub 8 ports > | | | > | | | > IBM P200 Notebook IBM Intellistation E Pro > Windows Windows Mandrake Linux 8.1 > Kids Mom Me :) > ____________________________________________________ > > File sharing is NOT enable throughout the network. The only thing > that the computers do is access the internet through the hub but do > not share files or printers. I don't have any firewalls set on the > P133.....could put zone alarm on it......but I don't have ANYTHING on > the machine except win98se and all it does is run the ICS for the > other machines......only has a small hard drive...just big enough to > hold win 98 se. Basically was pulled from retirement to do this > one job :) > > My questions are: > > Are the computers that are connected to the hub able to be probed > through port scans and able to be attacked? Or is only the P133 able > to be scanned and attacked? I have Zone Alarm on the other windows > computers........but don't have anything on the Linux system. Is it > relatively safe or do I need firewall protection on it also. If so, > what is recommended with the configuration described above? > > Some Explanations: > You might wonder WHY USE win98se for the ICS when > Mandrake does such a great job? Simple.........I couldn't get the Pro > Dsl 2200(or 2100 can't remember now which it is) to work with Linux > and I wasn't willing to part with the couple hundred bucks for a > External Modem that worked with QWEST DSL service. Plus I had an old > IBM P133 setting around...and it already had win98 se installed. The > kids computer has Windows on it...mostly because they use that at > school and it is more familiar to her........but she likes the games > on mine and is learning to use Linux fast :) Wife likes Windows(yuck) > and isn't inclined to switch yet.....although I keep working on it:) > > So after that lengthy explanation of my questions and reasons for > doing things the way I did............do you have any suggestions for > improving the setup (other than scrapping all the windows partitions > on the hard drives<grin>? And making it more secure ? > > Thanks, > -- > Dave Crouse > Running Mandrake 8.1 > IBM Intellistation E Pro > 450 mghz 750 mb ram > > --------------------------------------------------------------- > Want to buy your Pack or Services from MandrakeSoft? > Go to http://www.mandrakestore.com
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
