Re: sandbox for Window$
On Thu, Nov 11, 2010 at 08:33:55AM +0000, Russell L. Harris wrote:
> * Boyd Stephen Smith Jr. <bss@iguanasuicide.net> [101111 08:21]:
> > In <[🔎] 20101110213657.GA3376@rlharris.org>, Russell L. Harris wrote:
> > >I think that my need is for a "sandbox" to isolate a Window$ computer.
> >
> > Assuming by "Window$" you mean MS Windows, you are posting to the wrong forum.
> > This forum is not for MS Windows support issues.
>
> I am not looking for MS Window$ support; actually, this question is
> applicable to any OS. The issue is isolation of a particular machine
> having files to which machines in a protected network require access.
>
> Perhaps I should have made clear the fact that I have a LAN composed
> of machines running Debian, and I am loathe to allow a M$ Window$
> machine (possibly infected with malware) to connect directly to the
> LAN.
>
>
>
> > OTOH, A sufficiently tuned iptables setup could do this on a Linux system, so
> > there may be a similar solution with the MS Windows firewall or third-party
> > firewall software for that OS.
>
> I have not learned how to work with iptables, but I am thinking that a
> Linux-based firewall-router such as SmoothWall might fill my need,
> with the Window$ machine on the PURPLE (wi-fi) or ORANGE (public
> server) port.
>
I think you could just put a standard router in between them. Put the
Windows machine on the WAN port of the router, and the Linux machines on
the LAN ports. The Windows machine would then be "public" and the Linux
machines would be "private". Just make sure the firewall is enabled on
the router.
-Rob
Reply to: