|
Hi,
Sorry if this is somewhat of an off-topic for this
list. But I just couldn't think of any place else to get a quality answer
as this list.
I have been keeping my office's internal LAN and
web servers completely disconnected in order to be absolutely sure that internal
LAN segments are safe from hacking or cracking attempts. (The network cables
physically do not connect between these two segments.) This worked great
from security perspective.
Due to obvious drawbacks with this set up, I am now
attempting to patch a line between the router to the multi-port switch serving
the NT 4 based internal LAN. Of course all internal machines will only be
assigned the private network IPs starting with 168.192. I am hoping that
the machines with private network IPs will be completely inaccessible from
outside. My big question is: Is this that simple? Or am I
missing something? Can someone access a Internet-connected machine such as
web or ftp server THEN somehow reach into internal machines using some type of
Windows share?
Any comments would be greatly appreciated.
Thanks all in advance.
James Kim
|