Network Security - IP Addresses

Posted on 2007-08-09
Last Modified: 2013-12-04
I support a small network made up of 2 servers, 2 NAS Devices, 1 ADSL router, and 3 printers, plus 17 Desktops/Laptops on the network.

I would like to nail down security so that only a few ip addresses can access the servers, nas devices  and access the internet if plugged in.

The network is not using DHCP, but there is nothing preventing rogue visitors just plugged in and guessing an IP range and stealing some internet if you know what I am sayin.

The network is wired as opposed to wireless and the need to lock-down things is due to an ffice next door using the hubs in the public area even though told not to do so, still happens from time to time..

Any help much appreciated. The only way I know to start is using IP filters in Windows, but what about the NAS devices and the Router, the gateway to the internet.

Question by:ActiveInfoSys
    LVL 18

    Assisted Solution

    What kind of switch are you using? You can use port security and lock down the ports on the switch to a specific mac address.
    LVL 9

    Accepted Solution

    Since "the office next door" has been told not to use the "hubs in the public area" then disconnect these hubs from your network.

    If you are responsible for this network then you are fully entitled to do so - regardless of their protests!
    LVL 5

    Assisted Solution

    You could also setup an Internet proxy so they wouldn't get access to the Internet without knowing the proxy config.  You could use a free proxy or pay for one.

    Author Comment

    JohnDemergian -

    I really like your idea of a Proxy Server. Very much indeed. Perfect really. But can't get client to pay for ISA server 2007.  Any other ideas along these lines, a free proxy? wow...please send links....might could pay up to £30.00, $60.00, but no more.

    Free would be worth trying right away.

    Would the proxy server have to be local or could it be internet based?
    LVL 5

    Expert Comment

    i don't have a specific one to recommend although i've used wingate in the past with good luck , it is not free. here is a google link
    you can also try because they have reviews of the free and shareware software...
    LVL 9

    Expert Comment

    Does the client really have a requirement for their staff to use the public area hubs?

    No network access device should be available to anyone else other than your own staff !
    I agree a proxy may be of use, but, this is still only blocking internet access - but they'll  already be on your network !

    If anything is required outside the general office then maybe a wireless solution would better than hubs, at least you can protect against unauthorised access - but the client should understnd that some money needs to spent in order to protect their network. Unless their willing to spend then they shouldnt have this access in these "public" areas.

    LVL 7

    Assisted Solution

    What model router are you using?  Have you checked it's capabilities to block/allow access based on MAC or IP?  Are users in the public area supposed to be able to access your network resources and internet?  Are you using a Windows domain with Active Directory?  Can you implement different VLANs on your network? Blocking Internet access in only part of implementing security on your network.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Find Ransomware Secrets With All-Source Analysis

    Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

    You cannot be 100% sure that you can protect your organization against crypto ransomware but you can lower down the risk and impact of the infection.
    Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
    Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
    With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now