On Mon, 2004-03-01 at 14:55, Sasa Stupar wrote: > What is the potential security problem if you have network as follows: > > SOLUTION 1 > > INET-CABLE MODEM-----------------| > ROUTER-eth0-public IP address----| > ROUTER-eth1-private IP address---|------->SWITCH > ROUTER-eth2-private IP address---| > Internal server for mail,web-----| > all LAN users with private IP----| > > > SOLUTION 2 > > INET-CABLE MODEM-->eth0-ROUTER|--eth1| > --eth2|-->SWITCH > server and LAN users| > > I am thinking of the solution 1 because cable modem is a little bit to > far away from the router and I don't want to use to much of the cables. > I have setup router with MAC address filtering and also put firewall on > all internal computers. > > What is possible security problem comparing the 2 solutions above? > Depends what firewall/packet filtering capabilities eth0-ROUTER has ... > Regards, > Sasa -- -- Raymond Leach <raymondl@xxxxxxxxxxxxxxxxxxxxxx> Network Support Specialist http://www.knowledgefactory.co.za "lynx -source http://www.rchq.co.za/raymondl.asc | gpg --import" Key fingerprint = 7209 A695 9EE0 E971 A9AD 00EE 8757 EE47 F06F FB28 --
Attachment:
signature.asc
Description: This is a digitally signed message part
