Networking advice

Nifty Hat Mitch mitch48 at sbcglobal.net
Fri Jan 21 17:06:53 UTC 2005 

On Fri, Jan 21, 2005 at 12:08:20AM -0500, Leonard Isham wrote:
> On Thu, 20 Jan 2005 15:58:07 -0800, Nifty Hat Mitch
> <mitch48 at sbcglobal.net> wrote:
> > On Thu, Jan 20, 2005 at 09:52:33AM -0500, Leonard Isham wrote:
> > > On Thu, 20 Jan 2005 09:48:05 -0500, Kanwar Ranbir Sandhu
> > > > On Wed, 2005-19-01 at 17:23 -0500, Leonard Isham wrote:
> > > > > Internet
> > > > >   |
> > > > > DSL Modem or Internet Router
> > > > >   |
> > > > > Firewall----Tenant-2
....
> > 
> > What about...
> > 
> >               Internet
> >                  |
> >            Cable-DSL Modem
> >                  |
> >          Network-N-port-HUB
> >            |   |    |   |
> >            |   |    |   \
> >            |   |    |    \
> >            |   |    |   CustomerFixedIP
> >            |   |    |
> >            |   |    \
> >            |   |     \
> >            |   |      \
> >            |   |       \
> >            |   |     FixedIP4
> >            |   |   YourRouterFirewall-NAT
...

> > What you place behind the modem depends on the service
> > you purchase in front.   There is little need to firewall the
> > tenants from each other as long as they are connected
> > to a switch so packet snooping is hobbled.
> 
> Snooping is hobbled, but quite doable.

If it becomes a problem purchase a different box.
I suspect that the OP should plan to upgrade this
layer ....  but first things first.

> My concern would be the unprotected, most likely unpatched, systems
> getting infestations and creating problems for al the tennants.  I
> just recently say an unpatched windows system with a public IP hooked
> to a T-1 at a trade show.  15 minutes later it was infected, and
> pegged the T-1.  Six hours later, after the troubleshooting the
> problem, removing the worm, patching they system, installing
> anti-virus and anti-spyware software that where back on-line.
> 
> In short if something like this happens to your tennants you will be
> blamed.

Spot on.

The OP should see by now that he is setting himself up as an ISP.  An
ISP can provide a long list of services and the OP should be aware
that each adds value and adds cost, so start small.

In my tree cartoon I attempted to communicate the concept that layers
of service are possible.  By simply moving a plug in the 'data closet'
the service to each tenant can be increased or decreased.

Your trade show example is good in that it shows that even
"professionals" can make errors that impact the entire local
community.

The other point is that any layer can be upgraded.  The Internet link,
router, hub, and other functional equipment can be upgraded to provide
any of a long list of additional features.

Me I would love it if my landlord would provide 7x24 medium speed
connectivity and a reliable email drop.  With gmail and other modest
cost mail services the mail box need not be large.

-- 
	T o m  M i t c h e l l 
	spam unwanted email.
	SPAM, good eats, and a trademark of  Hormel Foods.

More information about the users mailing list