[LUNI] Making a private network somewhat public.

Samir Faci sfaci at cs.uic.edu
Tue Dec 11 17:00:02 CST 2007 

depends on your level or paranoia.

security is a compromise between usability and safety (confidentiality,
integrity.. and something else of your data).

you want true security.. turn off your machine put it in a safe.. and bury
it.  oh wait? you mean you wanted to USE it?

If you have a hardware firewall which is in front of your lan, then setup a
firewall on your lan machines as well.. the likely hood of your machines
being compromised is pretty minimalistic.  is it possible?  sure.....   not
very likely though.

I mean sure.. if you work for the NSA, and you have the NOC list on your
mysql db (or whatever that Mission impossible flic called it), it'd be worth
their while for someone to try to break in...and may find a way.. but unless
your targetted by a group of international hacking alliance to try to get
something specific.. you should be fine... as far as most attacks go... run
linux, try to keep the software up to date.. usual security guidelines....
and you should be fine.

that's just my 2 cents though...

--
Samir

On 12/11/07, Richard Reina <gatorreina at gmail.com> wrote:
>
> If I allow one machine that is already connected to the internet ( behind
> a
> router of course) to stay connected to my LAN.  Couldn't my LAN still be
> hacked through that machine (the one that is connected through the
> internet).  Is this likely?
>
> On Dec 11, 2007 1:47 PM, Tom Printy <tprinty at mail.edisonave.net> wrote:
>
> > What about using anther system that has internet access to generate the
> > report. You can setup MySQL to only allow this system and the 7 others
> > to access the DB. The report system would hit the MySQL instance and
> > then be allowed to send out the email reports. You should still consider
> > some type of hardware based firewall or turning ip an iptables based
> > firewall on the box that will connect to the Internet.
> >
> >
> > On Tue, 2007-12-11 at 13:26 -0600, Richard Reina wrote:
> > > I have a small linux LAN (7 pcs) that runs a homemade database
> > application
> > > (perl mysql).  They've had little if any reason to need to be
> connected
> > to
> > > the internet and due to my lack of prowess as a system admin and to
> the
> > fact
> > > that any loss of data or interuption would be very disruptive, I have
> > > elected to keep it that way.  However, there is an increasing need for
> > me to
> > > be able to send reports that are generated by the application via
> email
> > --
> > > without me having to go to another computer that is connected to the
> > > internet and retype the report.
> > >
> > > Can anyone give me some suggestions on the most secure way to allow
> > access
> > > to sending emails and the level of risk associated with doing so.
> > >
> > > Thanks for any ideas.
> > >
> > > Richard
> >
> > --
> > Linux Users Of Northern Illinois - Technical Discussion
> > http://luni.org/mailman/listinfo/luni
> >
> --
> Linux Users Of Northern Illinois - Technical Discussion
> http://luni.org/mailman/listinfo/luni
>

More information about the luni mailing list