www.zeroshell.org Forum Index www.zeroshell.org
Linux Distribution for server and embedded devices
 
 SearchSearch  RegisterRegister  UsergroupsUsergroups 
 ProfileProfile  Log inLog in  Log in to check your private messagesPrivate Message 

Restrict access to computer

 
Post new topic   Reply to topic    www.zeroshell.org Forum Index -> ZeroShell
View previous topic :: View next topic  
Author Message
mschutze



Joined: 23 Jan 2014
Posts: 4

PostPosted: Wed Mar 19, 2014 6:58 pm    Post subject: Restrict access to computer Reply with quote

Hi there,

I've been running Zeroshell in our laboratory to control internet access with great success! HTTP proxy is working fine to block sites like Facebook.

I now would like to add a few computers to the network and allow them only LAN access to the storage unit. These are computers attached to lab equipment (like DNA sequencers, microscopes, etc). It is very important that they remain free of viruses, so I would like to block all access to the internet and other computers from the LAN (except the storage unit).

I tried searching for the best way to do this, but couldn't find much information. I think the basic idea is to allow only DNS, DHCP and 445/TCP access to the IP from the storage unit to the IPs belonging to the computers.

How would be the best way to do this?

Thanks,
Back to top
View user's profile Send private message
DrmCa



Joined: 12 Apr 2011
Posts: 209

PostPosted: Wed Mar 19, 2014 8:02 pm    Post subject: Reply with quote

You don't even need to allow DNS.
Set up ZS box as a DNS server and forbid port 53 for entire LAN in a firewall.
The LAN machines will use ZS box as a DNS server.

There is a writeup here: http://www.zeroshell.org/opendns/

You can use OpenDNS or your ISP provider's DNS.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    www.zeroshell.org Forum Index -> ZeroShell All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group