Another way to address the problem would be to make that "network" a
seperate physical network. Literally do not have anything connecting those
3 machines to the novell network. This would provide security both ways,
forcing you to either use "sneaker net" to get data onto the outside
network, or something like Lap-link. It would be more in-convenient but it
sure would take care of the security issues in a complete way...
"Yechiel Levin" wrote in message
> I have a W2K Workstation "A" connected to the corporate Novell network
> running IP. I want to be able to manage, and access the file shares on,

> other on-site W2K Workstations "B" and "C" without connecting them to the
> Novell network, since 1) they have no need for any Novell resources and
> should not have access to the Novell network, and 2) the Novell users and
> admins have no need for anything on "B" and "C" and should not have access
> to them (they contain sensitive extra-corporate data as well as corporate
> data).
> Here's what I thought to do:
> I will install a second network card on my computer "A", and we'll call

> Novell interface A1 and the second interface A2. I will configure static

> addresses 192.168.1.x for A2 and the other two computers B and C, and
> connect them to the existing physical network infrastructure. (Let's say
> the Novell network's IP address range is 10.136.x.x.) Also, I would add a
> new local user that would not have a corresponding Novell user. The
> security of the file shares on B and C would only allow access to the new
> local-only user.
> Question:
> Will the fact that this peer network is on a different IP address range

> the Novell network be enough to keep Novell users or admins from seeing

> existence of B and C (or at least from accessing their data), even though
> they are physically on the same network?
> If the Novell admins (as well as my local Novell user) have Local Admin
> privileges on my computer A, is there any way they can see B and C?
> Thanks,
> Yechiel