[NTLUG:Discuss] How do you secure a LAN?
Jack Snodgrass
jack+ntlug at mylinuxguy.net
Sun Dec 29 20:57:47 CST 2002
On Sun, 2002-12-29 at 18:41, Bob Byron wrote:
> How do you secure a LAN? Not every point of access is under my
> complete control.
>
> I want to make sure that no one connects any PCs that I don't know
> about to the company LAN. What is the best way to secure it? Ideally,
> I would like to have the LAN setup to do DHCP, however, with a user
> name and password required to register with DHCP. But, since that
> is not possible (that I know of), I am open for suggestions.
>
> Thank You,
> Bob Byron
You might want to explain in more detail what your trying to do
and what your goals are.
You could secure your network using Hardware Addresses and then
have someone (like me) run Linux, put in a second NIC card in their
box and use NAT to attach more boxes that you'd never know about
because they use the IP Address/MAC address of the box that you
do know about as their gateway.
Or the person may use an open port like the web or https and setup
a 2 way tunnel from outside your network to the inside of your
network and all you'd see is encrypted data going over the https port.
Where there is a will... there is a way. It's much easier to prevent
people from the outside getting in than it is preventing people on the
inside getting out.
jack
More information about the Discuss
mailing list