Jesse Huestis on 3 Dec 2003 09:49:02 -0500 |
I have a situation where I am trying to limit the exposier of a LAN to attacks from a wireless network. What I have done is to issolate teh wireless side giving it only internet access and blocking all other traffic. They need to connect to a Network and Printer share on the LAN side from the wireless network. Solutions 1) Put all computers on the same subnet, but this opens servers etc., to attacks if someone hacks the wireless network. 2) Open up the ports to make the connections and limit the routing to just the IP addresses IP have assigned and to the times I have designated using the firewall. I like solution 2 because to adds serveral layers to get around, I am having trouble identifying all the ports I need. Right now I have found 133-139 as some of the ports necessary, I think. It did not work when I opened just those. Thanks, Jesse ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|