T1 connection security, remote access

B

budgey

OSNN Newbie
Joined
1 Jul 2007
Messages
4
I have a small business that's about to get a T1 internet connection for phone and internet. The the ISP/phone company that we're using is installing an adtran 8T(?) to connect this at the Dmarc which will connect our phone and serve as a router four our network. I'll be connecting this to our 8 port hub for our small 3-4 XP computer workgroup. I've asked for only 1 IP address for now.

My concern here is security. The Adtran will provide some security but is it enough? I was thinking I could just use an old Gateway pc (500mhz) add another NIC and install Smoothwall www.smoothwall.org as additional security.

Our plans are to remotely access business info and have real time access to our surveilance cameras'.

Am I overlooking a lot here? Is a server necessary? Any 3rd party suggestions as far as how to access?
I just realized if we use remote desktop we have to be using XP Pro from the remote PC.
Is this possible with Smoothwall? (for anyone who may know about this)
Web based access would be better for some of our users.

Thanks in advance for anything you have to offer.
Budgey
 
Have you considering simply buying a hardware firewall to place between the Internet connection and the router?
 
A 500 Mhz gateway will choke the throughput of your connection, especially if you want video over it. Your router will provide a HW firewall because of the NAT. Just make sure DMZ is turned off, the port forwarding is limited and a secure password (8-10 digits letters, cap's, numbers and punctuation) is installed on the router and all the computers.

You should also have a software firewall on each PC (a real one not windows firewall, it is outbound only and essentially useless) as well as an antivirus and adware protection suite. You will run into problems running some applications remotely or through a firewall with the protection up.

What you really need is VPN for your remote access.
 
Or get a sonicwall. VPN and monitorable hardware firewall hat you can ban ranges of IP's as well as many other advanced options.
 
A routers integrated firewall may be nice, but it should not be relied upon to be a full fledged firewall. A separate firewall between the Internet and the router will be the most beneficial.
 
Packet sniffer on some traffic and you would have the internal IP, and be able to build packets that were for fake connections, thus getting into the internal network. After that it is only time until you can find some weakness to exploit.
 
for a dedicated internet line like a T1 I'd put a full on OpenBSD/FreeBSD server with Pf packet filter to screen traffic.
 
You must log in or register to reply here.

Members online

No members online now.
Total: 237 (members: 2, guests: 235)

Affiliates

lunarsoft.net techzonez.com

- Contact us to trade links -

OSNN OSNN NTFS XP-erience

Latest profile posts

Steevo
Steevo
Also Hi EP and people. I found this place again while looking through a oooollllllldddd backup. I have filled over 10TB and was looking at my collection of antiques. Any bids on the 500Mhz Win 95 fix?
•••
Steevo
Steevo
Any of the SP crew still out there?
•••
Xie
Xie wrote on Electronic Punk's profile.
Impressed you have kept this alive this long EP! So many sites have come and gone. :(

Just did some crude math and I apparently joined almost 18yrs ago, how is that possible???
•••
N
Nismo83
hello peeps... is been some time since i last came here.
•••
Electronic Punk
Electronic Punk wrote on Sazar's profile.
Rest in peace my friend, been trying to find you and finally did in the worst way imaginable.
•••

Forum statistics

Threads
62,015
Messages
673,494
Members
5,623
Latest member
AndersonLo
Back