On Wednesday 30 July 2003 23:44, Jeff wrote: > > You can set the notebook on a different network. Put the > > firewall/router on that network with another nic. It's the > > principle of a dmz... By putting the notebook on another network, > > and prohibitting access from that network to the internal network, > > you can keep your internal systems safer...
Yeah, actually, I had been thinking about it. I recently got an old 3Com ISA card for NOK 5 (~ USD0.7) so I think I could insert another NIC. They talked about having a Wi-Fi base station, so I thought I'd keep it open but on a separate NIC so I can see what is going through there. That's what I intended to use it for. But when you mention it, treating the Windows box as a random machine trying to connect, that may be a good idea. > This is a good option. In addition, or even instead of this, educate > your parents about your security concerns. Assuming that you trust > your parents, education could be the simplest solution. Well, I think the concern is mostly having a windows box on the inside, because it is not an option for them to not open attachments in mails they receive. Thus far, it has been relatively easy to identify e-mails with viruses, but it not difficult to envision a virus coming piggyback on an attachment you do expect from a sender you usually trust, and I think it is quite unlikely that there isn't a vulnerability in e.g. Word that can be exploited to make Word execute a script in a Word file regardless of if it is disabled. So, my education of them has been pretty much "be aware that this box can easily be exploited, therefore, make sure there is nothing on that box that you would want to keep to yourself, and nothing that is not stored on the Linux workstation). Then, I have taken it upon myself to make sure that the box will not hurt the internal network or the rest of the Internet. Cheers, Kjetil -- Kjetil Kjernsmo Astrophysicist/IT Consultant/Skeptic/Ski-orienteer/Orienteer/Mountaineer [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] Homepage: http://www.kjetil.kjernsmo.net/ OpenPGP KeyID: 6A6A0BBC
