> The untrusted box is behind the ADSL router only, so has exactly the same
> protection as it currently has
And that is the problem.
It is an ineffective solution with several additional problems. It is not
something I could recommend.
> As for the hassle of reconfiguring on the current networ
** Vic [2011-05-09 16:44]:
> > If you connect the 'internet'
> > side to the ADSL router you effectively put anything connected directly to
> > the
> > ADSL router into a sort of DMZ (sort of since it is still firewalled as
> > normal,
> > so not really a proper DMZ) with a separate IP address ran
Eclipse used to do multiple IP addresses, I don't know if your ISP does. If
so, you could do this with 3 devices: ADSL router and 2x ethernet routers,
then you set up 2x standard NAT one on each IP address. That'll safely
separate the networks.
Benjie.
On 9 May 2011 16:43, Vic wrote:
>
> > If y
> If you connect the 'internet'
> side to the ADSL router you effectively put anything connected directly to
> the
> ADSL router into a sort of DMZ (sort of since it is still firewalled as
> normal,
> so not really a proper DMZ) with a separate IP address range that is
> firewalled
> off from the
** Rob Malpass [2011-05-07 09:50]:
> Moving house shortly which means, for the first time, I have to have my
> father in law on my network. Now while he's no hacker, he is fond of
> fiddling and has managed to crash his (Windows) machine so badly over the
> years that nothing short of a full rei
Hi Rob,
On Sun, May 08, 2011 at 10:08:41AM +0100, Rob Malpass wrote:
> He's running one W7 machine and will be connected via cable to a hub.
>
> Sounds like ipcop or something similar is the way to go - though I must
> admit I'm sorely tempted to get a cheap ISP and put it down our second phone
>
> -Original Message-
> From: hampshire-boun...@mailman.lug.org.uk [mailto:hampshire-
> boun...@mailman.lug.org.uk] On Behalf Of Andy Smith
> Sent: 07 May 2011 09:57
> To: hampshire@mailman.lug.org.uk
> Subject: Re: [Hampshire] Networking for Dummies
>
> More in
On Saturday 07 May 2011 12:41:55 Ian Grody wrote:
> If you have a relatively powerful spare PC, use pfSense.
By this, I use a P3 533MHz w/ runs snort and av proxy fine. This box handles 34
users at any one time too! :-)
> This has AV proxy,
> Snort w/ ET THREATS & standard rules (VPS if you pay
If you have a relatively powerful spare PC, use pfSense. This has AV proxy,
Snort w/ ET THREATS & standard rules (VPS if you pay snort for them). It also
supports a wealth of other things not found in SOHO routers, or router
distros.
You can easily firewall, segregate, bridge or whatever into h
On 07/05/2011 09:59, Vic wrote:
What I want is to keep him isolated
That's always a good plan with relatives :-)
Do you have a server running? That makes life very easy.
If you want WiFi on that network, set up another WiFi router and connect
one of its LAN ports to you untrusted interfa
> What I want is to keep him isolated
That's always a good plan with relatives :-)
Do you have a server running? That makes life very easy.
Add a second network card to it. This will form your "untrusted" network.
Set your machine to forward IP packets between interfaces (echo 1 >
/proc/sys/net
Hi Rob,
On Sat, May 07, 2011 at 09:49:29AM +0100, Rob Malpass wrote:
> What I want is to keep him isolated so he can't even see any network
> devices, printers - just let him share the connection.
More info needed.
How will his computer(s) connect to your LAN? Direct connection to a
switch? WiFi
Hi all
Moving house shortly which means, for the first time, I have to have my
father in law on my network. Now while he's no hacker, he is fond of
fiddling and has managed to crash his (Windows) machine so badly over the
years that nothing short of a full reinstall has fixed it. His fiddli
13 matches
Mail list logo
