O'Reilly logo

Mac® Security Bible by Joe Kissell

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

15.8. Summary

This chapter covered ways to keep a small Ethernet network secure from most outside attacks while giving users on the network access to the services they need. I began by explaining the basic operation of common networking hardware, such as routers, gateways, and DSL and cable modems. I then covered NAT and DHCP, two common methods (often used together) for giving computers Internet access using private IP addresses that aren't visible to the outside world. I explained in broad strokes how to configure a setup known as a DMZ (or demilitarized zone), both in the sense of an isolated network segment outside your firewall and in the sense of using a router or gateway to direct all outside Internet access to a particular IP address.

For more fine-grained access control, I then discussed port forwarding, in which requests for particular kinds of data are routed individually to selected computers on your network. I returned to the topic of proxy servers (discussed earlier in this book) to cover specific security uses on your local network and ended the chapter with a discussion of the 802.1X authentication protocol and how to use it on your wired network.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required