Date: Sat, 07 Apr 2001 16:00:40 +0100
From: Lee Smallbone <lee@kechara.net>
To: freebsd-security@freebsd.org
Subject: Theory Question
Message-ID: <200104071610.RAA18117@mailgate.kechara.net>

Hi there,

I have a theory that I'd like to run past you guys if I may.

We have an IDS watching over our network, and currently it logs to itself, and has a publicly accessible IP address. Now what I want to do is get it to also log to a second machine, privately addressed, and remove the public IP address from the IDS, and use the private machine to run stats on and so forth.

The primary concern is security. I am of the belief that a machine with no IP address cannot be 'hacked' (externally), is this true in the real world?

The setup would look a little like this. (my apologies to those of you who do not have fixed-width fonts. See attachment if they're allowed here)

  /------\
 /Internet\-----[router]-------[switch]----[various servers]
/          \       |              |
------------       |              |
                   |              |
                 [IDS]            |
                   |          [firewall]
                   |              |
                   |              |
                   |              |
                    \          [switch]
                     \           /  \
                      \         /    \
                       \       /      \
                        \     /        \
                         \   /       [internal lan]
                          \ /         192.168.1.x
                      [IDS Log 2]
                      192.168.1.x

Would the direct link to the Internal network pose a threat to the rest of the Internal Lan? Bearing in mind the IDS wouldn't have an IP address?

Any input appreciated.

--
Lee Smallbone
Kechara Internet
lee@kechara.net
www.kechara.net
Tel: (01243) 869 969
Fax: (01243) 866 685

[Attachment: layout.txt (the same diagram as above)]
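Added example, not part of the original message: a small check that a sensor interface really is address-less, which is the precondition the message relies on. It assumes FreeBSD-style ifconfig output; the function names, interface names (fxp0, fxp1) and sample output are constructed for illustration.

```shell
#!/bin/sh
# check_stealth IFACE: reads `ifconfig` output on stdin and prints findings.
# Exit 0: IFACE has no inet/inet6 address and has NOARP set.
# Exit 1: an address is bound or ARP is still enabled. Exit 2: IFACE not found.
check_stealth() {
    awk -v want="$1" '
        # A line that starts in column 0 opens a new interface stanza.
        /^[^ \t]/ {
            name = $1; sub(/:$/, "", name)
            cur = (name == want)
            if (cur) { seen = 1; if ($0 ~ /[<,]NOARP[,>]/) noarp = 1 }
            next
        }
        # Any bound address counts, including an automatic IPv6 link-local one.
        cur && ($1 == "inet" || $1 == "inet6") {
            printf "ADDRESS %s %s\n", $1, $2; bad = 1
        }
        END {
            if (!seen)  { print "MISSING " want; exit 2 }
            if (!noarp) { print "ARP-ENABLED " want; bad = 1 }
            if (!bad)   print "OK " want
            exit (bad ? 1 : 0)
        }'
}

# Constructed sample in FreeBSD ifconfig layout. Real output indents with
# tabs; the parser accepts tabs or spaces.
sample_ifconfig() {
    cat <<'EOF'
fxp0: flags=88c3<UP,BROADCAST,RUNNING,NOARP,SIMPLEX,MULTICAST> mtu 1500
        ether 00:00:5e:00:53:01
fxp1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 192.168.1.10 netmask 0xffffff00 broadcast 192.168.1.255
        inet6 fe80::200:5eff:fe00:5302%fxp1 prefixlen 64 scopeid 0x2
        ether 00:00:5e:00:53:02
EOF
}

# Stand-alone run: fxp0 passes, fxp1 is reported.
sample_ifconfig | check_stealth fxp0
sample_ifconfig | check_stealth fxp1 || true
```

On a live host the input would be `ifconfig | check_stealth <interface>`. The check covers only address and ARP configuration on that interface, not the software that parses the captured traffic.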