Network Security - IP Addresses

Posted on 2007-08-09
Medium Priority
Last Modified: 2013-12-04
I support a small network made up of 2 servers, 2 NAS Devices, 1 ADSL router, and 3 printers, plus 17 Desktops/Laptops on the network.

I would like to nail down security so that only a few ip addresses can access the servers, nas devices  and access the internet if plugged in.

The network is not using DHCP, but there is nothing preventing rogue visitors just plugged in and guessing an IP range and stealing some internet if you know what I am sayin.

The network is wired as opposed to wireless and the need to lock-down things is due to an ffice next door using the hubs in the public area even though told not to do so, still happens from time to time..

Any help much appreciated. The only way I know to start is using IP filters in Windows, but what about the NAS devices and the Router, the gateway to the internet.

Question by:ActiveInfoSys
LVL 18

Assisted Solution

chuckyh earned 200 total points
ID: 19662431
What kind of switch are you using? You can use port security and lock down the ports on the switch to a specific mac address.

Accepted Solution

trinak96 earned 800 total points
ID: 19662453
Since "the office next door" has been told not to use the "hubs in the public area" then disconnect these hubs from your network.

If you are responsible for this network then you are fully entitled to do so - regardless of their protests!

Assisted Solution

JohnDemerjian earned 800 total points
ID: 19662530
You could also setup an Internet proxy so they wouldn't get access to the Internet without knowing the proxy config.  You could use a free proxy or pay for one.
What Security Threats Are We Predicting for 2018?

Cryptocurrency, IoT botnets, MFA, and more! Hackers are already planning their next big attacks for 2018. Learn what you might face, and how to defend against it with our 2018 security predictions.


Author Comment

ID: 19664381
JohnDemergian -

I really like your idea of a Proxy Server. Very much indeed. Perfect really. But can't get client to pay for ISA server 2007.  Any other ideas along these lines, a free proxy? wow...please send links....might could pay up to £30.00, $60.00, but no more.

Free would be worth trying right away.

Would the proxy server have to be local or could it be internet based?

Expert Comment

ID: 19664973
i don't have a specific one to recommend although i've used wingate in the past with good luck http://www.wingate.com/pricing.php , it is not free. here is a google link http://www.google.com/search?hl=en&q=free+windows+proxy+server
you can also try downloads.com because they have reviews of the free and shareware software...

Expert Comment

ID: 19665032
Does the client really have a requirement for their staff to use the public area hubs?

No network access device should be available to anyone else other than your own staff !
I agree a proxy may be of use, but, this is still only blocking internet access - but they'll  already be on your network !

If anything is required outside the general office then maybe a wireless solution would better than hubs, at least you can protect against unauthorised access - but the client should understnd that some money needs to spent in order to protect their network. Unless their willing to spend then they shouldnt have this access in these "public" areas.


Assisted Solution

myin68 earned 200 total points
ID: 19666679
What model router are you using?  Have you checked it's capabilities to block/allow access based on MAC or IP?  Are users in the public area supposed to be able to access your network resources and internet?  Are you using a Windows domain with Active Directory?  Can you implement different VLANs on your network? Blocking Internet access in only part of implementing security on your network.

Featured Post

[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
The Cyber News Rundown brings you the latest happenings in cyber news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst, and a guy with a passion for all things security. Any more questions? Just ask.
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question