Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


Glurp
8511 posts

Uber Geek
+1 received by user: 3901

Subscriber

Topic # 242269 18-Oct-2018 15:53
Send private message quote this post

I have an old windows pc I use as a sacrificial goat for checking dodgy downloads. I also want to use it on doubtful sites and links. To do this it has to be able to connect to the Internet. What is the best way to shield it to be certain nothing gets access to my network?

 

 





I reject your reality and substitute my own. - Adam Savage
 


Create new topic
3457 posts

Uber Geek
+1 received by user: 962


  Reply # 2110560 18-Oct-2018 16:14
Send private message quote this post

Vlan?


'That VDSL Cat'
8948 posts

Uber Geek
+1 received by user: 1962

Trusted
Spark
Subscriber

  Reply # 2110566 18-Oct-2018 16:20
Send private message quote this post

Personally i have a separate VLAN for this, which doesn't share NIC or Switch at all with other data, It's then piped out a VPN.

 

i put far too many layers around it really, but i just... don't want to have to clean up after any sort of leak into my home network





#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.




Glurp
8511 posts

Uber Geek
+1 received by user: 3901

Subscriber

  Reply # 2110571 18-Oct-2018 16:26
One person supports this post
Send private message quote this post

It needs to be something reasonably simple that I can understand. My networking know-how is about the same as Donald Trump's comprehension of international politics.

 

 





I reject your reality and substitute my own. - Adam Savage
 


'That VDSL Cat'
8948 posts

Uber Geek
+1 received by user: 1962

Trusted
Spark
Subscriber

  Reply # 2110572 18-Oct-2018 16:27
Send private message quote this post

Rikkitic:

 

It needs to be something reasonably simple that I can understand. My networking know-how is about the same as Donald Trump's comprehension of international politics.

 

 

Building walls and hiking import tax is quite an comprehensive thing to jump into though!





#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.


448 posts

Ultimate Geek
+1 received by user: 85


  Reply # 2110596 18-Oct-2018 17:21
Send private message quote this post

You need a layer 3 capable device such as a router or firewall that not only supports vlan's but allows you to put restrictions in place so that you can block traffic from your sacrifical vlan to your main vlan. 

 

 

 

Don't use the DMZ feature that some routers offer as whilst that might sound exactly what you need usually all it does is allow all inbound traffic through to a specific host and doesn't really protect your internal network.


14239 posts

Uber Geek
+1 received by user: 2582

Trusted
Subscriber

  Reply # 2110601 18-Oct-2018 17:39
Send private message quote this post

I just use one PC with antivirus running. I haven't had any major problems ever. I keep excellent backups in multiple locations in multiple formats though, so if something goes wrong I'm well covered.





AWS Certified Solution Architect Professional, Sysop Administrator Associate, and Developer Associate
TOGAF certified enterprise architect
Professional photographer


5279 posts

Uber Geek
+1 received by user: 2302

Trusted
Lifetime subscriber

  Reply # 2110602 18-Oct-2018 17:42
One person supports this post
Send private message quote this post

Turn all other PCs & devices off whilst you use the dodgy PC. You rural broadband router won't do VLAN etc :(

 

 

 

 





Chorus has spent $1.4 billion on making their xDSL broadband network faster. If your still stuck on ADSL or VDSL, why not spend from $150 on a master filter install to make sure you are getting the most out of your connection?
I install - Naked DSL, DSL Master Splitters, VoIP, data cabling and general computer support for home and small business.
Rural Broadband RBI installer for Ultimate Broadband and Full Flavour

 

Need help in Auckland, Waikato or BoP? Click my email button, or email me direct: [my user name] at geekzonemail dot com


Create new topic

Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.