From owner-freebsd-isp Fri Aug 20 12:21:37 1999 Delivered-To: freebsd-isp@freebsd.org Received: from richard2.pil.net (richard2.pil.net [207.8.164.9]) by hub.freebsd.org (Postfix) with SMTP id A45A51575A for ; Fri, 20 Aug 1999 12:21:32 -0700 (PDT) (envelope-from up@pil.net) Received: (qmail 10774 invoked by uid 1825); 20 Aug 1999 19:20:03 -0000 Date: Fri, 20 Aug 1999 15:20:03 -0400 (EDT) From: X-Sender: up@richard2.pil.net To: Evren Yurtesen Cc: freebsd-isp@freebsd.org Subject: Re: multiple machines in the same network In-Reply-To: <37BDA7A6.D999F103@ispro.net.tr> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Fri, 20 Aug 1999, Evren Yurtesen wrote: > We are an ISP and we want to let our customers to put their own hardware > into our network. But the thing we are concerned about is security of > course. How can we protect our system from customers' machines? The best way is to just put a router between your colo customers and your own LAN. Second best is to employ an Ether switch. The only way I know of for the former method to sniff the LAN is to spoof the MAC address of a box who's packets you want to intercept. James Smallacombe PlantageNet, Inc. CEO and Janitor up@3.am http://3.am ========================================================================= ISPF 3 - The Forum for ISPs by ISPs(tm) || Nov 15-17, 1999, New Orleans 3 days of clues, news, and views from the industry's best and brightest. Visit for information and registration. ========================================================================= To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message