[Dshield] adsl and 2 pcs

joe.duncan@hrdc-drhc.gc.ca joe.duncan at hrdc-drhc.gc.ca
Mon Jul 16 16:48:28 GMT 2001


David, you seem to have misunderstood the initial poster's message. In it he 
stated exaclty how the internet PC was connected to the DSL modem. (Note: it 
is a DSL modem, not a DSL router).

His PC is connected to the ADSL modem via USB. I have never seen this type of 
configuration, but it must be similar to having two NICs. Instead of having a 
NIC connected to the ADSL modem, the poster has a USB port connected to the 
ADSL modem. (Similar to external analog USB modems).

In addition the user has a NIC on the internet pc connected on a BNC cable to 
the NIC on the data PC. Since the user is using BNC cabling, there's no hub 
involved, only the network bus. The data and internet PC are on the BNC 
ethernet bus. The ADSL modem is not. It is on a separate network connection 
(established with the USB ADSL modem). All the traffic from coming from the 
modem (on the first "virtual" NIC) is subjected to the ZoneAlarm firewall 
rules and the Network Address Translation (NAT) rules on the internet PC 
before being placed on the BNC bus.

This case is functionally identical to the first case you describe, so the 
user has low risk to their data PC.

Joe Duncan
HRI Systems/Systèmes d'IRH
Human Resources Development Canada/
Développement des ressources humaines Canada
joe.duncan at hrdc-drhc.gc.ca
Tel: (819)997-7986
Fax:(819)994-4544
Place du Centre 1 flr/étage
200 Promenade du Portage
Hull, QC
K1A 0J9

---------- Original Text ----------

From: "David Kennedy CISSP" <david.kennedy at acm.org>, on 16/07/2001 12:32 PM:

-----BEGIN PGP SIGNED MESSAGE-----

At 10:28 AM 7/16/01 +0100, Steve Mainwaring wrote:
>I read its not a good idea to have 2 different firewalls running on
>same pc, how about 2 different firewalls on 2 pcs?
>
>1 'internet pc' connected via usb to ADSL. 2nd 'data pc' connected
>via 100base-T using Netbeui. Have Zonealarm on internet pc but
>nothing on data pc. Is this safe? Is it a good idea to put zonealarm
>on 2nd pc? or some other software firewall?

I don't have sufficient information about your environment, but I'm
not as comfortable as the other replies that your risk is low.

How is the Internet PC connected to the DSL router?  If you have two
network interface cards, one connected to the DSL router and one to
hub, then I would agree with the other posters that the "data pc" has
a relatively low risk.  

If you have two cards but use Windows98 SE or ME or NT or 2000 and
allow Internet connection sharing, the data pc is at nearly the same
relative risk as the Internet PC.

If however, your Internet PC has one network interface car and it is
connected to the hub and the hub is connected to the router, and the
data PC is connected to the hub, only configuration settings on the
router and the data pc would prevent it from being visible to and at
risk from the Internet.  Those setting are probably to complex to
diagnose simply via e-mail.

Johannes is absolutely correct that having an up-to-date anti-virus
is essential as there are several viruses "in the wild" that would
seek out your data pc if your Internet pc became infected.  Given the
relative costs of a desktop firewall versus the cost of the data and
the PC itself, wouldn't it be a better idea to just install a
firewall on the other PC and sleep better?


-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.8
Comment: When was the last time you backed-up your hard drive?

iQCVAwUBO1MHv/GfiIQsciJtAQFdIgP/d+wciwJURm8zma6ckR7e+usMAs+uFiCp
K9apGQVvurZeKKIAf+7f27cO2f+rKUCiOatvCpBKAYNe0xp41T4++4eVPsRwoccv
CbN4CXhf0HEbyMaZSOYRFprOAUTVOrlNWsfpk8uA8NPMLkYyKH4L+9VpkAOhazzD
hbeZHnLtugQ=
=gd8u
-----END PGP SIGNATURE-----

-- 
Regards,

David Kennedy CISSP
Director of Research Services, TruSecure Corp. http://www.trusecure.com
Protect what you connect.
Look both ways before crossing the Net.

_______________________________________________
Dshield mailing list
Dshield at dshield.org
To change your subscription options (or unsubscribe), see: 
http://www1.dshield.org/mailman/listinfo/dshield




More information about the list mailing list