Posted by M. Trimble on August 6, 2006, 11:48 pm
James wrote:
> Hi all,
>
> I have two computers, one Windows and one Linux; the Linux one I want
> to set up Samba on, and also have it as a secure server. In other
> words, I want to be able to run security tools on the "network"
> (crossover cable needed?) - which terminates at a router.
>
> Here is the question: Using SATAN or equivalent tools, how do you
> prevent it from going outside the "LAN", so it doesn't start trying to
> scan the ISP connected to the router?
>
> Picture:
> Spare crossover cable (CAT5)
> Computer 1 (one ethernet jack) Computer two (one ethernet jack)
> \ //
>
> \ //
> CAT5/6 CAT5/6
> \ //
>
> |
> |-------------------------|
> Router (five ports plus one port for feed to
> internet)
> |
> |
> ISP < ------------------ > Internet
>
> Tools I want to run on my home "LAN":
> SATAN
> SAINT
> NMap
> etc.
>
> Additional question: There is also a unix for windows application
> installed on the Windows PC, can this be scanned as well as if it were
> an actual unix machine (i.e. it runs init and similar processes, and
> can also view ALL windows processes as well)?
>
> Hope that slight question makes sense and TIA.
>
> Me - Just Me

The 'Old Guy' has given you some really good advice - Moe, you've got my
respect as a giver of good advice, well-written.

Now, let me give you a windoze luser's perspective. Keep the
router/two-computer setup you've got. But use regular cat/5 cables, you
don't need to muck around with crossovers - that's what the router does
automagically.

My setup: I'm running two boxen, one under Fedora Core 5, the other under XP
Home edition, connected thru a router.

Your windoze and Linux boxen can talk all day long with no one the wiser or
less secure if you set things up correctly.

On the Windoze side of the house, I recommend antivirus, spybot, and
firewall software. I'm not trying to start a religious war, but I've had
good experience with Spybot Search and Destroy, AVG antivirus, and
ZoneAlarm. They're all available in a no-cost version, they all update quite
frequently, and they all do a reasonably good job with little or no
installation/setup/configuration headaches.

On the Linux side, I would recommend an upgrade to a newer version in the
interest of service life, interoperability, and whatnot. FC5 I *know* comes
with intrusion detection software, so SATAN/SANTA, Saint, etc. are not
needed.

Samba can be set to accept connections from one and only one host. In your case,
it has to be the IP address of your router. And it can be set to accept
connections from a limited number (one, ideally) of users. Done this way,
you have to be the right person, coming from the right place to get Samba
to talk to you.

If you do that, and shut down all your other server daemons, you're secure,
so you don't need to worry overly much about intrusion.

HTH.
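
The host and user restriction described in the post above maps to Samba's `hosts allow` and `valid users` parameters. The following is an added example, not part of the original post or of Samba: a small Python audit that reports shares in an smb.conf that are not limited to one client address and named users. The two sample configurations, the address 192.168.1.10, the share name and the user name are constructed placeholders.

```python
import configparser
import ipaddress

# Constructed smb.conf samples; the address, share name and user are placeholders.
WEAK = """
[global]
   workgroup = HOME
[share]
   path = /srv/share
   guest ok = yes
"""
HARDENED = """
[global]
   workgroup = HOME
   hosts allow = 192.168.1.10 127.0.0.1
[share]
   path = /srv/share
   valid users = james
   guest ok = no
"""

def single_hosts(value):
    """Return non-loopback entries of a hosts allow list, or None if any entry is not one IP."""
    hosts = []
    for entry in value.replace(",", " ").split():
        try:
            addr = ipaddress.ip_address(entry)
        except ValueError:
            return None  # subnet, hostname, netgroup or ALL: not a literal single IP
        if not addr.is_loopback:
            hosts.append(entry)
    return hosts

def audit(text):
    """List shares that are not limited to one client address and named users."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    # smb.conf parameters are usually indented; strip so they are not read as continuations.
    cp.read_string("\n".join(line.strip() for line in text.splitlines()))
    glob = {k: v for s in cp.sections() if s.lower() == "global" for k, v in cp[s].items()}
    findings = []
    for name in (s for s in cp.sections() if s.lower() != "global"):
        opt = lambda key: cp[name].get(key, glob.get(key, "")).strip()  # share overrides [global]
        hosts = single_hosts(opt("hosts allow"))
        if not hosts or len(hosts) != 1:
            findings.append(f"{name}: hosts allow does not name exactly one client address")
        if not opt("valid users"):
            findings.append(f"{name}: valid users is empty, so any account may connect")
        if opt("guest ok").lower() in ("yes", "true", "1"):
            findings.append(f"{name}: guest ok permits access without a password")
    return findings
```

`audit(WEAK)` returns three findings and `audit(HARDENED)` returns none; run it against the text of a real smb.conf to check the same three conditions.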