Isolating Computer on Home Network.

zodell2000 · Sep 6, 2017

I'm currently attempting to host a game server in which I'll need to forward a port. Given that forwarding ports will put my computer and the computers on the network at a greater risk of an online attack, I was wondering if there was a way to isolate my computer from my home network. I currently use one NetGear router. Basically, if I was ever hacked or a virus was somehow placed onto my computer, I'd like to know that the rest of my network was somewhat safe because my computer was in its own isolated network. Truthfully, I know only basic networking, which is why I'm here. If anyone could help, I'd be grateful.

*Note: This is my home computer. I'd like to be able to keep the functionality and security of my system, just split into an isolated 'box' within my network.

USAFRet · Sep 6, 2017

Look at your router for a DMZ function.
That will effectively wall off the game server from the rest of your devices.

zodell2000 · Sep 6, 2017

My router doesn't have a DMZ function, unfortunately.

USAFRet · Sep 6, 2017

zodell2000 :

A guest network maybe?
(but if no DMZ, unlikely)

zodell2000 · Sep 7, 2017

USAFRet :

I went a little deeper into my router settings and found a 'default dmz server' option. I read online that dmz's can be a large security risk. Is this true?

USAFRet · Sep 7, 2017

zodell2000 :

A risk, for that system only.
It is walled off from the rest of the network and systems, but more open to the outside world.

zodell2000 · Sep 7, 2017

Ok. Setting up the DMZ on the router requires an IP address to be entered. Do I use the IP address of my computer?

Also, if I have a hardware firewall, in this case the firewall that comes with OS X computers, will that protect my computer more than having it disabled? If not, what are some ways I can protect my computer from outside attackers if the DMZ is set up?

USAFRet · Sep 7, 2017

zodell2000 :

That would be a 'static' IP address, outside the routers DHCP range. This is for that one single game server system.
Maybe something like 192.168.1.200.

Read the user manual, in depth, on this DMZ function. Don't just go by what is onscreen.

For instance, this is the DMZ functionality on my router:

Yours might be slightly different.

Firewall? That is part of the router function, not your OSX systems.

USAFRet · Sep 7, 2017

You are doing this on a dedicated PC, right? Not your daily use system.
Right?

zodell2000 · Sep 7, 2017

This is the computer I use daily which is why I am skeptical of opening my system to the entire internet.

USAFRet · Sep 7, 2017

zodell2000 :

Then yes, that is a major issue. Don't do that.

A complete rethink is needed here.

zodell2000 · Sep 7, 2017

USAFRet :

I've read something about a VLAN network that separates devices in a network. Would this work for what I'm trying to do?

USAFRet · Sep 7, 2017

zodell2000 :

No, the problem is you're sharing the game server and your daily PC.
The game server really, really needs to be a discreet box.

Then you can wall it off, either a VLAN or DMZ or whatever.

The game server will be exposed to the outside world...whoever connects to play. If this is also your daily PC, ALL of that data on that system is at risk.

nigelivey · Sep 8, 2017

If you go down the VLAN router I would guess you would need to purchase a commercial router and managed switches. How much do you want to spend?

Search

Isolating Computer on Home Network.

zodell2000

Prominent

USAFRet

USAFRet

Titan

zodell2000

Prominent

USAFRet

Titan

zodell2000

Prominent

USAFRet

Titan

zodell2000

Prominent

USAFRet

Titan

USAFRet

Titan

zodell2000

Prominent

USAFRet

Titan

zodell2000

Prominent

USAFRet

Titan

nigelivey

Splendid

TRENDING THREADS

Latest posts

Moderators online

Share this page