Jump to content

Wierd networking question


Recommended Posts

Ok, here is the wierd part, I have three PC's that are connected to the net thru a wired router, I Also have two other PC's that I want to use as servers, one with windows, as a file share, the other with FC3 for use as a in house http server, for use in tweaking my own forum without worring about messing up my host server. The two servers I do not want connected to the internet in any way, to avoid hacks. Now my plan is this, to add secondary NICs to the internet capable machines, and run them to a network switch, to which the servers will be connected. Is this possible?

Link to comment
Share on other sites


Unless you port forward your router to the servers, they cannot be accessed from the Internet. And there is no secure way to make your two servers safe if they are part of a network that has access to the Internet no matter which way you configure them. If one machine can be accessed from the outside, they all theoretically can get hacked. The best way is to insure that no port forwarding is in effect with your router and you will be one step safer.

Link to comment
Share on other sites

I have all port forwarding disabled in the router. I know there is always a hacking possibility. I tried the linux server once before thru the router with 80 open supposedly only to my internal network, I was hacked in minutes, so I gave up that plan. Just looking for a safer way to do this.

Link to comment
Share on other sites

I don't know much about linux security, I specialize mostly in Windows based systems. See the problem is that even if you install secondary network cards, just the fact that one of the machines connects to the internet leaves that "door" possibility. My only advice would be to forward only the absolute minimum of ports. Make sure all your computers are secured with alphanumeric passwords and have all of the latest operating system and application level updates possible.

Link to comment
Share on other sites

Something I tried recently on a smaller network was to take a really old good for nothing computer and just set it up as sacrificial lamb in the DMZ. Mind you it's running XP SP2 with all of the patches and updates so that it won't get taken down immediately. But it gives the kiddies something to mess with, generally drawing attention away from what matters.

There's all sorts of other things you can do as well but that would involve a rather lengthy reply, not to mention an endless debate on what's better.

Link to comment
Share on other sites

There's all sorts of other things you can do as well but that would involve a rather lengthy reply, not to mention an endless debate on what's better.

Because no one ever argues about what's better? Right? Heh... network security is such a subjective matter that can be debated without end. Edited by jcarle
Link to comment
Share on other sites

No default gateway means no communication with devices on ANOTHER subnet.. Local subnet still accessible

Default gateway is your doorway out of the lan into the wan..if you dont have one then you cant fine your way out.

Routing is non-existant on a single subnet lan anyways

Edited by chilifrei64
Link to comment
Share on other sites

Thank you very much! Its working as planned, no default gateway since all info is being sent and recieved to and from the file server thru secondary NIC's on the IE capable machines. The primary NICs have only TCP/IP protocol enabled, and are not bridged to the secondary's.

Edited by Stone_age
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...