|
|
 |
Home Network Security
|
|
- The Peer Network -- All local PC's connected to hub; cable modem to hub via a "patch cable." This presents the greatest security problem -- all machines directly exposed on Internet. The Cable Operators used to recommend this way, would gladly sell you multiple IP addresses, and then told you to disable all sharing with your other machines! Yeah, now why were we building a home network?
- The Concurrent Host Network -- Cable modem connected to PC1; PC1 (via a second network card) connected to a hub. Then, PC2 and PC3 to the hub one machine is exposed to the Internet -- PC1. This network is similar in design to the "bastion host" and "dialup" networks, except that the host computer has three network cards -- one to talk to the cable/dsl modem and one each for the other two PC's on the local network.
- The Bastion Host Network -- Cable modem connected to dedicated firewall machine/hardware; PC1, PC2, PC3 to hub, dedicated firewall machine to hub. Firewall, if PC, is another machine with 2 network cards, running Linux/Unix and firewall code -- minimum installed software, no servers to the outside. Normally, the Bastion Host (PC1 in the diagram) would not be used for anything except isolating the local network from the Internet.
- The Dialup Network -- The Bastion Host structure also looks like the structure of a dialup-based network -- where one PC makes the dialup connection with the Internet Service Provider and the others connect to that one. In this case, PC1 is used as a normal PC for games, web surfing, email, etc. If you're running Windows here, email, , etc., then this structure simply resembles a Bastion Host network; it is not as secure.
- Cable/DSL Router Network -- Cable or DSL modem connected to a combination router & multi-port switch; PC1, PC2, PC3 to router. This is "state of the art" for a home system.
Win 9x/Me/NT/2000/XP
- Windows ICS (Internet Connection Sharing)
- Wingate (www.wingate.com),
- Sygate (www.sygate.com),
- others
Linux
- via iptables in RedHat, SuSE, and other distributions.
- via ipchains in earlier versions of the distributions
Hardware
- Linksys, D-Link and others make a hardware "cable/dsl router." This equipment provides masquerading services so that multiple machines can use one IP address; its function is somewhat similar to a proxy server.
Link to this page — just add this code to your web page!
<a href="http://www.terryscomputertips.com/computers/home-net-security.php">Home Net Security</a>
Copyright © 1999-2006 Terry A. Stockdale
|
|
Thank you for visiting my site — I hope you found the site and articles helpful. If you did, please consider supporting my efforts by making a purchase (if you have one to make) via one of the links in my articles, one of my recommendations, or in my "Ads by Terry" to purchase the item. You can also shop via these links to major Internet retailers
Amazon.com
TerrysComputerTips.com
Contact |
Join Mailing List
Hosted at HostGator
Copyright © 2005-2010 Terry A. Stockdale. All rights reserved.
Terms & Conditions Disclaimer Privacy Sitemap
