[SATLUG] Home server security: Discrete LANs

Frank Huddleston fhuddles at gmail.com
Thu Feb 28 19:42:45 CST 2013


Greetings,

   I previously asked about how I might secure my son-in-law's home LAN 
if I put a server open to the Internet on it.
I liked the suggested idea of having a separate, distinct LAN with its 
own IP range, unable to access the computers in the home LAN, but I 
don't know how to implement that. Is it a capability of some home 
routers? In any case, it doesn't appear to be a capability of his: a 
Belkin N600 DB N+ Wireless router, model F9K1102v1. It has the 
capability to put one of the computers in its LAN in a "DMZ", where it's 
outside its firewall. But I assume that this computer would still be 
able to access other hosts in the LAN.
  I've read some things on the Internet about creating distinct LANs, 
but they seemed to be inconclusive speculations. Maybe an intelligent 
switch that can do virtual LANs? A second router? A different router? 
Some combination?
So I'm asking here: I realize it's more a networking question than a 
Linux-specific question, so feel free to direct me to a more appropriate 
forum.

Thanks,

Frank Huddleston



More information about the SATLUG mailing list