Thoughts on Dual NIC's

Printable View

December 21st, 2002, 03:54 PM
LaMan

Thoughts on Dual NIC's

Hello everyone! I have a simple two computer network at home and access the internet through a netgear FVS318 router/firewall and motorola cable modem. I only have tcp/ip enabled and use the router to share the internet. I have netbios turned off(not bound) and use zonealarm pro and norton security suite. I am running Windows XP Pro and have disabled all services that I don't use and use the windows firewall. Since I bought the router, zonealarm and nortorn have both given few if any alarms, mostyly now just if its ok for a new program to talk so I'm comfortable that I'm safer than before. The router logs show tons of hits that are now dropped. I've visited just about every site that provide security scans, I am showing stealth or no open ports and no exploits. Now is the question. I want to network the two computers and allow all shares, printers, scanner, hard-drives and cd's, A drives... everything. My thoughts are to run a seperate NIC in each computer and use a switch I already have and start a new network seperate from the internet. I don't want to password anything as my wife calls my name every five seconds for help. Is this safe(reasonable) or am I asking for trouble. I want unlimited access between the two computers. Thanks, sorry so long winded.
December 21st, 2002, 04:21 PM
Syini666

Hmm, I'm not to familiar with ZA Pro and Norton, but an idea would be to make a specific set of rules allowing the communication between the two computers IPs. Having two nics in each wouldnt matter that much, because the machine could still be compromised in theory by an outside person on the internet lan, and then somehow gain access to the other network and then the other computer.
December 21st, 2002, 04:36 PM
(V)/\><

yeah, i don't think that you need the two NICs either. just connect the two with the switch and tell the router that it is to ignore all incoming and outgoing data on the ports you are running the services on. safer yet would be for you too read up on network address translation (NAT) and autonomous systems, then only your router would be visible to the outside world.
December 21st, 2002, 05:05 PM
LaMan

Ahh..

Ok, why is it that the simpliest ways of doing things is always overlooked. What you are saying makes perfect sense, I just over thought it. The router uses NAT and statefull packet inspection. I will read up as you suggested and go from there. Thanks. Another good thing I like about my setup is that the motorola cable modem has a standby switch, I get through surfing and push the standby button and I have no worries untill I'm ready to surf again. I believe the best firewall you can have is not being connected when your away from your computer.
December 21st, 2002, 05:13 PM
Syini666

LaMan > your right, the best firewall would be actually disconnetcing, but then that would be more of a fire-gap than a firewall. Still I wouldnt rely too much on that standby switch, because it was designed by man, and we are by no means perfect.