The clients would be running IP I assume, so they
could surf. Attacker can simply connect to one
of them as a jumping-off point. Not too difficult to
get a Win95 machine to connect a share from your NT box
and move the files in and out that way.
Ryan
---------- Previous Message ----------
To: firewalls
cc:
From: robinson @ tchocolate.com (andrew robinson) @ smtp
Date: 03/04/97 08:45:32 AM
Subject: packet filtering
Unknown MIME transfer encoding 8bit will be ignored
Content-Transfer-Encoding: 8bit
I oversee a small network of about 25 users (quickly growing): 10 Macs,
10 Win95 and 5 NT4.0 machines. Sometime during the next month, I will be
installing a Cisco 1602 so that local users can gain access to the web
and email.
We have 3 servers on the network: 1 appleshare (apple talk), 1 novell
3.12 (ipx) and 1 nts4.0 (netBEUI). None of the servers are or will be
running TCP/IP.
During the next six month, we will be replacing the macs with NT and
removing the Novell server. The network will then run entirely on ipx.
All DNS, Web and email will be hosted by our ISP. Email will eventually
move in-house.
So, if I do basic packet filtering on the Cisco, and ?unbind? TCP/IP
from the server services on the NT machines, am I setting up a pretty
secure/save situation?
If I block all UDP, will DNS revert to TCP and still function? Will this
hurt performance?
Thanks in advance,
andrew robinson
totally chocolate
|
|
