Two network cards security issue


Post by Remc » Wed, 15 May 2002 20:02:05



We want to set up a Solaris 8 workstation which has two network connections,
one connected to a corporate network, the other to a lab/test network.

I understand that it is not possible to really separate both connections since
both cards use one device or something. Reads don't concern us but writes do.

What are the risks with such a setup and is there a way to really separate the
two on one box?

Cheers,

Remco.

--
Remco Goozen - IT Consultant Engineer
Technical Staff Member Technical Platform
Lucent CIO Centers of Excellence EMEA

* Real men don't click

 
 
 


Post by savares » Wed, 15 May 2002 21:24:48



> We want to set up a Solaris 8 workstation which has two network connections,
> one connected to a corporate network, the other to a lab/test network.
> I understand that it is not possible to really separate both connections since
> both cards use one device or something. Reads don't concern us but writes do.
> What are the risks with such a setup and is there a way to really separate the
> two on one box?
> Cheers,
> Remco.

I am not sure what you mean by "separate". If you have two interfaces up
and running there really is no way to hide one.

The first risk I'd worry about is Sun's default configuration of having
the server act as a router. Thus somebody could hack in, and use this box
to route packets into the lab network without really being connected to
it. So, the solution is to type "touch /etc/notrouter" and reboot (or
disable the routing features manually).

The second risk to worry about is what would happen if someone was able
to access this server from the corporate network and then use it to launch
attacks against the second network. There is no solution to this, but to
limit exposure make sure all unneeded ports are closed, all unnecessary
daemons are disabled, and anything left open is TCP wrapped to limit access
to specific trusted computers... Also, you may want to consider programs
like tripwire or something similar to detect any hacking attempts...

Good Luck,
Scott
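
The forwarding check described in the post above, as an added example that is not part of the original thread: a Bourne-shell audit for a dual-homed Solaris host. The `ROOT` argument and the verdict wording are assumptions made for illustration, and `ip_strict_dst_multihoming` is a Solaris `/dev/ip` tunable that the thread itself does not mention.

```shell
#!/bin/sh
# Added example (not from the thread): audit IP forwarding on a dual-homed Solaris host.
# Bourne-shell syntax only, so it also runs under the Solaris 8 /bin/sh.

NDD=/usr/sbin/ndd

# get_ndd PARAM: print the live /dev/ip value, or "unknown" if ndd cannot be queried.
get_ndd() {
    if [ -x "$NDD" ]; then
        "$NDD" -get /dev/ip "$1" 2>/dev/null || echo unknown
    else
        echo unknown
    fi
}

# forwarding_verdict ROOT FWD
#   ROOT: filesystem root to inspect (hypothetical parameter; "" means the live system)
#   FWD : live ip_forwarding value (0, 1 or unknown)
forwarding_verdict() {
    if [ -f "$1/etc/notrouter" ]; then persistent=yes; else persistent=no; fi
    case "$2:$persistent" in
        1:*)   echo "FAIL forwarding is on now; run 'ndd -set /dev/ip ip_forwarding 0'" ;;
        0:yes) echo "OK forwarding is off and /etc/notrouter is present" ;;
        0:no)  echo "WARN forwarding is off now but /etc/notrouter is missing" ;;
        *:yes) echo "WARN /etc/notrouter is present but the live value is unknown" ;;
        *)     echo "FAIL /etc/notrouter is missing and the live value is unknown" ;;
    esac
}

# strict_verdict VALUE: with ip_strict_dst_multihoming=1 the host drops packets that
# arrive on one interface but are addressed to the other interface's IP.
strict_verdict() {
    case "$1" in
        1) echo "OK strict destination multihoming is on" ;;
        0) echo "WARN strict destination multihoming is off" ;;
        *) echo "WARN strict destination multihoming value is unknown" ;;
    esac
}

# audit ROOT: run both checks against the live kernel settings.
audit() {
    forwarding_verdict "$1" "`get_ndd ip_forwarding`"
    strict_verdict "`get_ndd ip_strict_dst_multihoming`"
}

audit ""
```

Run it as root after the reboot that follows `touch /etc/notrouter`; any line starting with `FAIL` means the box can still pass packets between the corporate and lab interfaces.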

 
 
 


Post by Stefan Doh » Wed, 15 May 2002 23:42:25




>> We want to set up a Solaris 8 workstation which has two network
>> connections, one connected to a corporate network, the other to a
>> lab/test network.

>> I understand that it is not possible to really separate both connections
>> since both cards use one device or something. Reads don't concern us but
>> writes do.

>> What are the risks with such a setup and is there a way to really
>> separate the two on one box?

>> Cheers,

>> Remco.

> I am not sure what you mean by "separate". If you have two interfaces up
> and running there really is no way to hide one.

> The first risk I'd worry about is Sun's default configuration of having
> the server act as a router. Thus somebody could hack in, and use this box
> to route packets into the lab network without really being connected to
> it. So, the solution is to type "touch /etc/notrouter" and reboot (or
> disable the routing features manually).

> The second risk to worry about is what would happen if someone was able
> to access this server from the corporate network and then use it to launch
> attacks against the second network. There is no solution to this, but to
> limit exposure make sure all unneeded ports are closed, all unnecessary
> daemons are disabled, and anything left open is TCP wrapped to limit
> access to specific trusted computers... Also, you may want to consider
> programs like tripwire or something similar to detect any hacking
> attempts...

> Good Luck,
> Scott

You should compile ipfilter and make firewall rules for
each interface, which should make it harder to break into the system.

Get hold of nmap or another port scanner, and see which ports must be closed.

Good luck!
sdohn

 
 
 


Post by J » Thu, 16 May 2002 03:57:59



> We want to set up a Solaris 8 workstation which has two network connections,
> one connected to a corporate network, the other to a lab/test network.

> I understand that it is not possible to really separate both connections since
> both cards use one device or something. Reads don't concern us but writes do.

> What are the risks with such a setup and is there a way to really separate the
> two on one box?

> Cheers,

> Remco.

I think you may mean the fact that the box will use the same MAC
address for the interfaces.  I don't think this matters if you are on
two separate networks.  If you want each interface to have a unique
interface, set the local-mac-address PROM value:

eeprom 'local-mac-address?=true'

 
 
 
