tcp/ip routing question / router design
From: first last (in5ecure24_at_hotmail.com)
Date: 05/13/04
- Previous message: Kurt: "RE: Administrator's Journal"
- Next in thread: JGrimshaw_at_ASAP.com: "Re: tcp/ip routing question / router design"
- Reply: JGrimshaw_at_ASAP.com: "Re: tcp/ip routing question / router design"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: security-basics@securityfocus.com, firewalls@securityfocus.com Date: Thu, 13 May 2004 00:39:54 -0400
hello everyone
I have a question bout which way is a better implementation for a router,
heres my situation.
I have a dsl "modem" that is a router, but it only has 1 ethernet port. im
saposed to plug the dsl stright into my pc but im not, i have both connected
via a switch and everything worked instantaly, so im assuming i can plug my
servers into the switch and run my network.
What i am trying to do is set up a DMZ, and my LAN to the internet. the
first way i was going to do this was via a software router/multihoned pc (3
nics 1 for each network) and set up a firewall and routing ect ect, on that
pc to securly route my networks.
1 problem is if i use only the dsl as a router (isp -> dsl -> switch -> pcs)
then what do i do about having seperate networks for my LAN and DMZ and
internet conectivity? on the otherhand...
If i use a pc as a router seperating my DMZ and LAN is very easy since i
have a nic for each and 1 for my dsl. i dont see why i cant do this but,
this will consume a pc, and i dont realy have an extra one.
so my main question is which way do i go w/ or is there other good options,
mind you money funds are low so simply buying a hardware router isnt realy
an option. My dsl has options for setting up a public and privet lan, but
its not like i can physicaly distinguish between the two.
So im pretty much just looking for the best way to set this up (from a
security standpoint) and recomendations, help, feed back is GREATLY
apricated - thank you
_________________________________________________________________
FREE pop-up blocking with the new MSN Toolbar – get it now!
http://toolbar.msn.com/go/onm00200415ave/direct/01/
---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
- Previous message: Kurt: "RE: Administrator's Journal"
- Next in thread: JGrimshaw_at_ASAP.com: "Re: tcp/ip routing question / router design"
- Reply: JGrimshaw_at_ASAP.com: "Re: tcp/ip routing question / router design"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
