LISTSERV - PCBUILD Archives - LISTSERV.ICORS.ORG

PCBUILD Archives

Personal Computer Hardware discussion List

PCBUILD@LISTSERV.ICORS.ORG

	LISTSERV Archives
	PCBUILD Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: networking question
From:	[log in to unmask]
Reply To:	PCBUILD - Personal Computer Hardware discussion List <[log in to unmask]>
Date:	Thu, 18 Oct 2001 17:58:11 -0700
Content-Type:	text/plain
Parts/Attachments:	text/plain (72 lines)

On 16 Oct 2001, at 22:19, Larry Fisk wrote:

> Our Local Community Hospital has asked me to network 3 computers
> (2-win98 1- win2k)in adjoining offices. They are a little paranoid
> about someone (within the hospital) accessing their files.

  Note that Win98 is not a robust security solution....

> The hospital has DSL internet thru a Linksys router. Right now the
> computers are hooked via cat5 ethernet to the DSL router. The DSL
> apparently just works thru the physical connection to the router,
> as there isn't a gateway installed on any of the computers.

  There is probably a PPPoE driver on each machine which establishes
a connection to the router, so that no gateway setting is necessary.
Alternatively, the router may be supplying a gateway setting via
DHCP, at the same time as it supplies an address and net mask to use,

> They want to use the DSL on these 3 computers as well as have a
> secure 3 computer network that none of the other computers in the
> building can access. The main concern is internal security as the
> router should act as a firewall to stop external
> access.......right??

  Is there a physical connection between any other machine in the
building and the router?  It's not clear from your description.

  IF the router is doing NAT or PAT dynamically, most outside
connection attempts will fail.  However, this is not the same as a
firewall.

>  My first thought was to install 2 nics on each computer and
> connect them with a small hub, but they are already connected via
> the DSL router.

  If the DSL "router" is providing multple client-side connections,
it is because it has a hub or swtich built in to do so.  So you are
correct, that another such device is probably unnecessary.  (It may
perhaps offer a performance gain in some scenarios, but it will not
improve security or functionality.)

>  My idea is to use Netbeui only on these three computers and
> password protect file and printer sharing. My thought is even if
> someone installed netbeui on one of the other computers the
> password would stop access. Ideas?

  Review "user level" versus "share level" security.

  If it were me -- and cost were no object[*] -- I'd do tow things:

1.  Migrate the 98 boxes to NT/2000 and make at least one a Domain
Controller.  Migrate file systems on all three machines to NTFS.
Give all authorized individuals domain user accounts, and secure
shares and folders and machine use in terms of those accounts.

2.  Put them on a separate hub/switch, with a small firewall (e.g.
NetScreen 5XP) between that than the DSL router.

[*] I'm not entirely conversant with HIPAA, but meeting its
requirements may dictate that they have to go to something like #1 as
a minimum.....

Dave Gillett

> <>< Larry Fisk
>          Fisk Computers
>            Fruitvale, Idaho

              The NOSPIN Group is now offering Free PC Tech
                     support at our newest website:
                          http://freepctech.com

ATOM RSS1 RSS2

LISTSERV.ICORS.ORG