[Nottingham] Church network security.

Peter Taffs pjt270-lug at yahoo.co.uk
Tue Sep 7 18:22:41 BST 2004


An ADSL/Router with NAT will protect the machines on
your network. Check for specific vulernabilities and
updates from the router manufacturer.

Upon installation change the administration password
and disable remote administration.

After that, don't configure any port-forwarding or
DMZ.

Although this configuration will allow malicious
software on the internal network to access machines
the internet, which can then reply, stopping that is
hard. Virus scanning and personal firewalls help.

A wireless router/access point needs more
consideration.

Rather than give machines their own IP, the router may
support DHCP which will save allocating addresses and
possible conflicts.

Peter.
pjt270-lug at yahoo.co.uk


 --- jdel <hw68342003 at yahoo.com> wrote: 
> How I would do it:
>  
> {}{}internet{}{}<--->[ADSL Router with filtering and
> NAT]<--->[hub]<--->{}inside machines and printers{}
>  
> give the machines their 10...x's or 128...x's and
> then there's no (little) chance (i think) anyone can
> address them specifically from the outside. 
>  
>  
> j




More information about the Nottingham mailing list