cancel
Showing results for 
Search instead for 
Did you mean: 

Laptop->Lan (Security Risk!)

Stef
Grafter
Posts: 247
Registered: 13-08-2007

Laptop->Lan (Security Risk!)

Quote
sygate allows traffic blocking from certain boxen on the network to the PC that it is running, you could also get a hardware firewall that blocks the ports to all other boxen, such as IPtables on a locked down linux box, or a dedicated hardwaref irewall


Ah, maybe a use after all for all those 'old' pc's I've got laying around the place.. sort of a "Laptop isolation device!" Tongue

Anybody know the cheapest two port hardware firewall?

Thanks, Stef
6 REPLIES
Stef
Grafter
Posts: 247
Registered: 13-08-2007

Laptop->Lan (Security Risk!)

I hear that a potentially big problem is when you connect a laptop to a LAN behind a firewall i.e. this is an ace way to introduce a virus or worm behind your firewall.

My questions are:

1/ Are there any (muti port) firewalls where you can 'lock down' one cable reserved for the Laptop (say maybe only allow HTTP, pop3 and smtp but no peer-to-peer traffic i.e. blocks everything to 192.x.x.x from the laptop?)

2/ Is there any kind of 'device' that you could plug between your laptop and switch/router to achieve the same effect...

Thoughts appreciated...

Thanks, Stefan
N/A

Laptop->Lan (Security Risk!)

sygate allows traffic blocking from certain boxen on the network to the PC that it is running, you could also get a hardware firewall that blocks the ports to all other boxen, such as IPtables on a locked down linux box, or a dedicated hardwaref irewall
N/A

Laptop->Lan (Security Risk!)

found some cheap stuff off ebay

but the best solutions is really an old PC (off ebay as well) and ipcop
Stef
Grafter
Posts: 247
Registered: 13-08-2007

Laptop->Lan (Security Risk!)

ipcop or smoothwall? :?
N/A

Laptop->Lan (Security Risk!)

smoothwall // openbsd // freebsd are all good for firewalls, the first 2 mainly. They will run on a p1 / p2 with 32 meg ram. just get two 10mbit nics for like 1quid and ur sorted Cheesy
Superuser
Superuser
Posts: 10,023
Thanks: 1,562
Fixes: 19
Registered: 22-08-2007

Laptop->Lan (Security Risk!)

Most decent routers will allow you to limit connectivity by MAC address. Though I'm not sure of the detail, you ought to be able to lock down the ports and protocols a specific device can use.