 |
 |
Segmenting WAN/LAN With 2 NIC Cards.
|
|
|
|
|
Senior User
Join Date: Jun 2002
Location: Albuquerque, NM
Status:
Offline
|
|
Kind of a PC related question here.
What is the advantage of separating 2 networks with 2 NIC cards in one computer? We have a file server here at work that has the first NIC card tied to the house LAN. The second NIC card is tied to a LAN for some automation things. 2 separate subnets. I'm trying to figure out what it is that stops viruses from spreading to the second LAN when people do this type of setup.
The LANs are not bridged but if a virus landed on that file server through the WAN NIC card what would stop if from making it to the second subnet on the second LAN card? We got hit by the Sasser virus and it never infected the machines on the second LAN. These machines don't get Windows updates, etc.
Google searches only bring up how-tos for bridging connections but in our case we are not bridged. Any ideas?
Thanks,
Brad
|
|
|
| |
|
|
|
|
|
|
|
Senior User
Join Date: Aug 2000
Location: Ancaster, Ontario, Canada
Status:
Offline
|
|
The IP addresses in one subnet are invisible to the computers in the other subnet.
|
|
|
| |
|
|
|
|
|
|
|
Senior User
Join Date: Jun 2002
Location: Albuquerque, NM
Status:
Offline
|
|
Originally Posted by John Strung
The IP addresses in one subnet are invisible to the computers in the other subnet.
That makes sense. What if the computer with the 2 NICs get infected? Am I correct in assuming the other subnet could get infected then?
Brad
|
|
|
| |
|
|
|
|
|
|
|
Senior User
Join Date: Aug 2000
Location: Ancaster, Ontario, Canada
Status:
Offline
|
|
Originally Posted by nerd
That makes sense. What if the computer with the 2 NICs get infected? Am I correct in assuming the other subnet could get infected then?
Brad
Yes. Do you need access to that particular computer from both LANS or are you just using it to share an internet connection? If the latter, you can accomplish this and separate the two LANS by using a $20 cable/DSL router as the separator instead.
|
|
|
| |
|
|
|
|
|
|
|
Senior User
Join Date: Jun 2002
Location: Albuquerque, NM
Status:
Offline
|
|
Originally Posted by John Strung
Yes. Do you need access to that particular computer from both LANS or are you just using it to share an internet connection? If the latter, you can accomplish this and separate the two LANS by using a $20 cable/DSL router as the separator instead.
Actually it's a fileserver where our traffic department drops the exported air logs to via a mapped drive over LAN 1. The automation system lives on LAN 2 and also has the file server drives mapped. From these mapped drives the operators import the logs. So it's Traffic (LAN 1) - File Server (2 NIC cards) - Air Client (LAN 2). The LANs aren't bridged, no internet or outside access on LAN 2.
A few of us here were talking about this trying to figure out why LAN 2 never gets infected because there have never been any Windows updates ran on those computers. We only do the updates to the file server which has the 2 NIC cards.
So basically a virus won't see LAN 2 from LAN 1 unless the virus was on the computer that contained the ethernet cards for the 2 LANs.?.
Brad
|
|
|
| |
|
|
|
|
|
|
|
Senior User
Join Date: Aug 2000
Location: Ancaster, Ontario, Canada
Status:
Offline
|
|
Originally Posted by nerd
So basically a virus won't see LAN 2 from LAN 1 unless the virus was on the computer that contained the ethernet cards for the 2 LANs.?.
Brad
That is my understanding
|
|
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
 
|
|
|
Forum Rules
|
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|
Top
