Link to home
Start Free TrialLog in
Avatar of birenshukla
birenshukla

asked on

Protecting Server on a LAN with DSL connection

Hello,

Windows 2003 LAN, DSL connection, Linksys router, DSL router, Dlink switch. Of course the server has the role of DNS and DHCP and they(server&wks) all have private IP address.

If my server is plugged into one of the switch ports is it secure?
Dan I simply rely on the built in firewall on the Linksys Router?

On a seperate note, how can I restrict internet access to certain workstations in a DSL enviornment? From my research, I can point the internet excluded wks to point to invalid proxy address? Any other suggestions?

Can you point me to a link that explains how to setup a proxy server for the above enviornment?

What type of software firewall do you recommend to protect the server?

Thanks,
Biren
Avatar of dr_binks
dr_binks
well I personally use 'Smoothwall 2.0' on both my home LAN and the LAN I am admin of at work.
it is free to download, however it does require a dedicated machine (a P2 266 with 64MB and a 4GB HDD will do, you also need 2 or 3 networks cards depending on how you want to set it up)

smoothwall works like this:

you have 2 or 3 zones (depending on the nummber of network cards)
red zone is for the internet connection
orange is for DMZ (i.e. for webservers and mail servers ect)
and the green zone is for secured LAN

the green zone can talk to the oranger zone (not the other way unless you open ports up in the options)
and the red zone can only talk to the green zone if somone requests somthing (say a web page)

when you have setup the proxy machine, you dont need a kb/mouse/monitor attached to it because everything is done via web configuration from a remote machine.

you can download smoothwall 2.0 from www.smoothwall.org

it has a rather extensive admin/setup guide making it easy peasy to install and configure.

to install it, you burn the ISO onto a CD and boot from the CD (like installing windows)

the diagram of you network will oook somthing like this:

                                                                                           Modem/router
                                                                                                 |
                                                                                                 |(RED)
                                (ORANGE)                                                   |                            (GREEN)
              external services servers     ------   switch   -------  smoothwall proxy----- switch -------------- computers

I hope this helps you out

~Binks
Avatar of birenshukla
birenshukla

ASKER

That is extremely helpful.  I will have to test it out. That should answer my firewall question. However, I want to know what would somebody do, if they did not want to setup a proxy firewall.
Avatar of dr_binks
dr_binks
There isnt much you could do... except install another f/wall on your machine.
Also, the proxy I told you above works exactly like a router, everything is transparent. you set up you IP addres similar to you IP address now while you are using your router and thats it... no other settings on your machines are required.
You will notice absolutly no difference (other than the fact that you shoudl be able to use P2P progs like kazaa, bittorrent etc)

I really do recommend going for this setup if your concious about security.

~Binks
Avatar of dr_binks
dr_binks
correction:
 (other than the fact that you **should't** be able to use P2P progs like kazaa, bittorrent etc)
ASKER CERTIFIED SOLUTION
Avatar of Rich Rumble
Rich Rumble
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial