Home Network Security

- The Peer Network -- All local PCs connected to a hub; cable modem connected to the hub via a "patch cable." This presents the greatest security problem -- all machines are directly exposed to the Internet. The cable operators used to recommend this setup, would gladly sell you multiple IP addresses, and then told you to disable all sharing with your other machines! Yeah, now why were we building a home network?

- The Concurrent Host Network -- Cable modem connected to PC1; PC1 (via a second network card) connected to a hub. Then PC2 and PC3 connect to the hub. Only one machine is exposed to the Internet -- PC1. This network is similar in design to the "bastion host" and "dialup" networks, except that the host computer has three network cards -- one to talk to the cable/DSL modem and one each for the other two PCs on the local network.

- The Bastion Host Network -- Cable modem connected to a dedicated firewall machine/hardware; PC1, PC2, PC3 to hub, dedicated firewall machine to hub. The firewall, if it is a PC, is another machine with 2 network cards, running Linux/Unix and firewall code -- minimum installed software, no servers to the outside. Normally, the Bastion Host (PC1 in the diagram) would not be used for anything except isolating the local network from the Internet.

- The Dialup Network -- The Bastion Host structure also looks like the structure of a dialup-based network -- where one PC makes the dialup connection with the Internet Service Provider and the others connect to that one. In this case, PC1 is used as a normal PC for games, web surfing, email, etc. If you're running Windows here, email, , etc., then this structure simply resembles a Bastion Host network; it is not as secure.

- Cable/DSL Router Network -- Cable or DSL modem connected to a combination router & multi-port switch; PC1, PC2, PC3 to router. This is "state of the art" for a home system.
Win 9x/Me/NT/2000/XP
- Windows ICS (Internet Connection Sharing)
- Wingate (www.wingate.com)
- Sygate (www.sygate.com)
- others
Linux
- via iptables in RedHat, SuSE, and other distributions.
- via ipchains in earlier versions of the distributions
Hardware
- Linksys, D-Link and others make a hardware "cable/dsl router." This equipment provides masquerading services so that multiple machines can use one IP address; its function is somewhat similar to a proxy server.
Copyright © 1999-2006 Terry A. Stockdale
