Security Question

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I have a pretty simple question about security and networking. I have a
network here at work using Active Directory on Server 2003. I have a Soho
firebox as the last point before going out on the internet. All the computers
are connected via a 3COM switch. If i take a wireless router like a simple
LinkSYS WAP54, and I plug that into the 3COM, then I connect to the WAP54
with a computer that is NOT on the network (like a laptop just to connect to
the internet), is there a risk of getting a virus or other security threat on
the server through that computer even though that computer is not on the
network as there is no account for that computer? I hope I made sense, I am
still learning about all this security stuff.
Thanks
 
There is a BIG threat associated with that. In order for that computer to
get out to the internet, it will need an IP address( and/or gateway address)
on your network, thus it is part of your physical network whether it has a
computer account in AD or not. Some viruses can spread across your network
through network connections alone. You should never allow a PC to access the
internet from your network unless you know it is safe from viruses/spyware
and it has up-to-date virus scanning software installed.
 
ok, thanks alot for the info. if i put it on the other side of the firebox
then it would be ok, right? if thats possible...
 
You would have to give it a public IP address, and with no firewall between
it and the rest of the world you would only be asking for trouble.
 
rich7779 was thinking very hard :
I have a pretty simple question about security and networking. I have a
network here at work using Active Directory on Server 2003. I have a Soho
firebox as the last point before going out on the internet. All the computers
are connected via a 3COM switch. If i take a wireless router like a simple
LinkSYS WAP54, and I plug that into the 3COM, then I connect to the WAP54
with a computer that is NOT on the network (like a laptop just to connect to
the internet), is there a risk of getting a virus or other security threat on
the server through that computer even though that computer is not on the
network as there is no account for that computer? I hope I made sense, I am
still learning about all this security stuff.
Thanks
Click to expand...

if it is a managed switch you could use a VLAN to do this
one for your domain and another for public use
routing is required between VLAN's
so in theory a device on the public VLAN would not be able to reach
your domain VLAN

grtz
 
Back
Top