DPChallenge: A Digital Photography Contest You are not logged in. (log in or register
 

DPChallenge Forums >> General Discussion >> network question
Pages:  
Showing posts 1 - 10 of 10, (reverse)
AuthorThread
 06/16/2007 11:24:01 AM · #1
im only an IT dabbler other people at work take care of this, but im interested in hearing other peoples opinions on this:

We have two networks. One with internet, and one 'super' secure one thats seperate without internet. Is there a way to get data between pcs of those two networks without compromising the security of the secure one?

I know that with a good firewall we shouldnt have a problem to begin with, but thems the rules
 06/16/2007 11:50:20 AM · #2
No. It would have to some sort of compromise since one is stand alone - not saying there are not options that reduce the risk enough to allow this. I assume they took off all the external points on all machines on the "super secure" machines and never let them out of the building right.... otherwise it might not be as secure as people think with some loading software from USB drives or CD/DVD or plugging them in at home :-) If not then setup a shared disk pool and have someone scan & check all files before allowing them onto the other network since it's not "super secure" anyway. I once worked at a place that did have super secure and there was no disks, USB ports or anything on the normal client machine - everything was server based.
 06/16/2007 12:08:27 PM · #3
Just unlug the network connection for the internet-enabled machine before hooking it up to your LAN. As long as it wasn't infected before, you're in no danger. After you transfer the files, reverse the procedure.

BTW: This is one reason I don't use wireless internet access.
 06/16/2007 12:17:08 PM · #4
Originally posted by kolasi:
im only an IT dabbler other people at work take care of this, but im interested in hearing other peoples opinions on this:

We have two networks. One with internet, and one 'super' secure one thats seperate without internet. Is there a way to get data between pcs of those two networks without compromising the security of the secure one?

I know that with a good firewall we shouldnt have a problem to begin with, but thems the rules


USB key or something similar is the best way.

As a network admin myself, I would frown upon if a user would be constantly switching between the secure network and the open network. I of course don't know why your company has it's network like this, but I'm guessing that there is a pretty good reason for having it this way.
 06/16/2007 12:30:29 PM · #5
Originally posted by robs:
No. It would have to some sort of compromise since one is stand alone - not saying there are not options that reduce the risk enough to allow this. I assume they took off all the external points on all machines on the "super secure" machines and never let them out of the building right.... otherwise it might not be as secure as people think with some loading software from USB drives or CD/DVD or plugging them in at home :-) If not then setup a shared disk pool and have someone scan & check all files before allowing them onto the other network since it's not "super secure" anyway. I once worked at a place that did have super secure and there was no disks, USB ports or anything on the normal client machine - everything was server based.

The fear is not from an employee taking a drive home or someone stealing something (though that could be something to consider). The concern is having someone get through the firewall, or a user getting virus from the internet and affecting cetain pcs. Thats why theres the seperate no-internet network. It might sound like over kill, someone described it as banning all cars cars because traffic accidents happen.

Only the IT room has pcs from both networks, and from what i see here maybe the best would be some external hardrive that can physically carry over data.

Thanks for the answers!
 06/16/2007 12:40:06 PM · #6
Without knowing the reasons for the super secure network, the answer to this would be hard to come up with. Transferring a computer between networks regularly would compromise the original purpose of setting up this way.
 06/16/2007 12:47:30 PM · #7
we have the same set up at my office but they allow us to use VPN(Virtual Private Network) Once connected and verified via password etc it is like being at work, then I can remote to my desktop and use all the resources. I am a network admin so I have to access servers all the time from home, but we offer this to all of the employees.
Ask your IT people if they would consider this

06/16/2007 06:20:48 PM · #8
If you can get in or out via VPN over the internet, then your network isn't isolated from the real world.

One place where I worked had an isolated network like that, but it still had to have connectivity to some of us in the outside world. We had modems set up that we would call and enter a code. Then the system computer would call the person the code was associated with at based on the phone number that was already in the computer. We had our computer on answer mode and would connect that way. This at least made the network more secure, but even that isn't 100% secure. And even on a totally non-connected network, if outside files are allowed to be brought in and introduced into the system by disk, CD, thumbnail drive, etc., then there is a chance that something malisous could be introduced that would do damage even if it could get back out... unless it tagged the information it found to a file that was taken out of the secure system the say way and waited until it saw an internet connection.

You will never have a totally secure network, system or computer as long as humans are involved in some way.

Mike
 06/16/2007 06:57:06 PM · #9
Originally posted by kolasi:
im only an IT dabbler other people at work take care of this, but im interested in hearing other peoples opinions on this:

We have two networks. One with internet, and one 'super' secure one thats seperate without internet. Is there a way to get data between pcs of those two networks without compromising the security of the secure one?

I know that with a good firewall we shouldnt have a problem to begin with, but thems the rules


This is complex. It's sort of like asking "I'm not a nuclear physisist, but can someone tell me the 5 easy steps to building my own nuclear reactor?" The short answer is ... no way to move files without compromizing security. Longer answer is, there are a number of ways without compromizing it too much. Easiest (and most feared by corp IT) may be to use a USB thumb drive, unless your company has disabled the sockets. But scan the files thoroughly with good anti-virus, anti-SPAM software first. Beware of Steganography.
 06/16/2007 08:23:48 PM · #10
Thanks for the replies. I shouldnt of said dabbler. I have a degree in Computer Science and am working on a masters in Information Technology, and am currently waiting to take exams to switch into the IT branch of my work. I give a hand to the IT guy here to gain experience, thats why I wanted to find an answer.

Im agreeing with the USB thumdrive option
Pages:  
Current Server Time: 04/20/2024 11:02:58 AM

Please log in or register to post to the forums.


Home - Challenges - Community - League - Photos - Cameras - Lenses - Learn - Prints! - Help - Terms of Use - Privacy - Top ^
DPChallenge, and website content and design, Copyright © 2001-2024 Challenging Technologies, LLC.
All digital photo copyrights belong to the photographers and may not be used without permission.
Current Server Time: 04/20/2024 11:02:58 AM EDT.