• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.
  • Welcome to iHelpForum - the place to get help from knowledgeable techs in all areas of Tech, Home and Auto help. Consider checking out our Guides or Registering an account to post on our forums today.

Isolate one pc on a network

Cameldung

I Like It Here
iHF Veteran
Advisor
WCG Team Member
#1
Hello, I have a fairly extensive home (all wired) network of windows pcs, and heaps of other wired network devices. Seeking information on how to have 1 pc having internet access but isolated from everything else. Reason for the strange request is that I'm currently studying malware at Geek university, and I would love to practice by infecting a live pc. I dont consider a vm to be 100% safe so thats out.

Last thing needed is obviously any infection/worm spreading across the network. Is there a "safe" way to accomplish this. If a managed switch will provide this protection then im happy to buy one to replace or daisy chain from my current 16 port switch?

I have been told that routers back to back can also work, but others have told me it wont. I do have several spare routers. Have asked this in another forum which only succeeded in some experts debating each other.

Is this too hard, bearing in mind the nasty pc is to be CONNECTED to my existing network somehow, no usb sticks and stuff?

Thanks in advance
 
Last edited:

Crush

I am admin, ruler of my domain
Administrator
iHF Master Craftsman
#2
I would disconnect the PC from the internet and use either a USB drive or a CD to transfer files. When I infect machines this is what I do

A switch inherently will interconnect the two networks. However, you could get another router and then use MAC address filtering to only allow connections to that network from the one machine
 

Cameldung

I Like It Here
iHF Veteran
Advisor
WCG Team Member
#4
I would disconnect the PC from the internet and use either a USB drive or a CD to transfer files. When I infect machines this is what I do
Surely downloading infected files to a USB stick then transferring to the sick pc is flirting with danger? This is where I get confused because ive been told that is dangerous?

A switch inherently will interconnect the two networks. However, you could get another router and then use MAC address filtering to only allow connections to that network from the one machine
Are you referring to back to back routers with MAC filtering on the primary router?

I have a cable modem and separate router. I have been thinking the only sure way is to physically pull the network plug on the
modem and connect the rogue pc only when internet access is required, guess im looking for an easy way out?
 

Crush

I am admin, ruler of my domain
Administrator
iHF Master Craftsman
#5
Surely downloading infected files to a USB stick then transferring to the sick pc is flirting with danger? This is where I get confused because ive been told that is dangerous?
Depends if autorun is enabled and/or the USB is innoculated with something like USBVaccine

Are you referring to back to back routers with MAC filtering on the primary router?

I have a cable modem and separate router. I have been thinking the only sure way is to physically pull the network plug on the
modem and connect the rogue pc only when internet access is required, guess im looking for an easy way out?
MAC filtering would go on the secondary connection so only that MAC could connect to the network
 

Cameldung

I Like It Here
iHF Veteran
Advisor
WCG Team Member
#9
have seen some suggestions of using the VLAN feature that some routers have. I have a Buffalo Tech router with the DD-WRT firmware which lets you set up Virtual Lans
Thanks LC, I know my router can have DD-WRT installed, its an Asus RC-AT66U. More reading for me.
 

Cameldung

I Like It Here
iHF Veteran
Advisor
WCG Team Member
#10
LC is right VLAN tagging would work if your switch supports it
Even more reading needed, havent heard of VLAN tagging, but my switch is just a bog standard DGS-1016A dlink, so will have to check.

Thank you again.
 

Crush

I am admin, ruler of my domain
Administrator
iHF Master Craftsman
#15
Btw, I'm surprised you're not going "in house" for the training....we offer a similar program to Advisors and above

But if you get through it and make connections to that group all the better
 

Cameldung

I Like It Here
iHF Veteran
Advisor
WCG Team Member
#16
Btw, I'm surprised you're not going "in house" for the training....we offer a similar program to Advisors and above

But if you get through it and make connections to that group all the better
Had I known about ihelp offering this service I would most certainly have applied and hopefully be accepted to use it. I have never seen reference to it anywhere. Tell me where is information on this?
 

Lord Chance

iHelpForum Jester & Door Greeter
iHF Veteran
Advisor
WCG Team Member
#17
Had I known about ihelp offering this service I would most certainly have applied and hopefully be accepted to use it. I have never seen reference to it anywhere. Tell me where is information on this?
The program started at PCHF and just carried over when that forum was no longer viable. Crush is a hard task master I am told but you learn some good stuff. :)
 

Cameldung

I Like It Here
iHF Veteran
Advisor
WCG Team Member
#18
Before agreeing to the terms and conditions where im learning I did considerable research into the sites listed as providing this service. These sites in the link below came up regularly on searches. Can't say PCHF or Ihelp has ever been listed anywhere as a current malware training school. I simply mention this because of the apparent surprise that I havent enrolled INHOUSE.

http://uniteagainstmalware.com/

Please accept this comment in the constructive manner it was intended.
 

Lord Chance

iHelpForum Jester & Door Greeter
iHF Veteran
Advisor
WCG Team Member
#19
Before agreeing to the terms and conditions where im learning I did considerable research into the sites listed as providing this service. These sites in the link below came up regularly on searches. Can't say PCHF or Ihelp has ever been listed anywhere as a current malware training school. I simply mention this because of the apparent surprise that I havent enrolled INHOUSE.

http://uniteagainstmalware.com/

Please accept this comment in the constructive manner it was intended.
At PCHF, the program was not widely offered or advertised CD. It was simply an in house among friends type of thing.
 

Cameldung

I Like It Here
iHF Veteran
Advisor
WCG Team Member
#20
At PCHF, the program was not widely offered or advertised CD. It was simply an in house among friends type of thing.
Hopefully if I pass my training, and become competent, ill be able to respond to malware issues and questions just about anywhere on the net. As it stands now there are many sites that rightly so wont let you, unless you can show them you've had some form of acceptable training. Whilst I cast no aspersions on anything that may be offered here, I believe the hopefully successful training at Geeks will allow me to participate in malware discussion just about anywhere?

At least that's what I feel, and yes I do aspire to be part way as good as someone we nearly lost, and can ill afford to, a little while ago.

Crush and LC, thank you for the kind advice given on isolating a rogue PC. Lots of winters night research ahead.:D