Hmmmm. It hadn't occurred to me try Samba for authentication. I'll give it a go and see how I get on. Thanks for the idea.

I agree that a VPN is taking things to the extreme but that seems to be the way a lot of people are thinking over here. I don't really want to go there unless I absolutely have to.

I'll let you know how I get on.

Regards,

Liam


>Hi Liam,
>
>Doesn't Windows and Linux already have an authentication system. Before someone can connect into the local network, the system administrator must assign a username/password on the primary domain controller. A user loging into his workstation on a local computer enters his username and password to gain access to the local network. If a user who has not yet authenticated into the local network tries to connect, the windows domain controller will send a login screen requesting that the user authenticate in. If you assign really hard passwords, an intruder would have a difficult time gaining access to your local network. Also, you could look for some intruder detection software that logs failed attempts to gain access to you system. The intruder detection software would log the IP address of the person trying to gain access to your system.
>
>Also, you could disable all port on the Linux Router, except the ones you are using. If your using the internet, you will need port 80 opened. Have the Linux Router forward everything coming in port 80 the your web server. There is a lot of security already built into port 80 by web server software like Internet Information Services, Apache, etc. If your running a mail server, have the router forward all request over port port 25 SMPT and port 110 POP3 to the mail server. There is also alot of specail security built into mail server software.
>
>To me, having a VPN within a local network seem like overkill and would create a kind of double duty for the valid local users.
>
>My Linksys router logs all web site requests orginating withing my local network to my primary domain controller. Each line of the log file includes the local IP address of the computer orginating a web request, and the IP address of the web site being accessed. I periodically review the log file and investigate any unusal IP address that are being accessed.