I know two small companies that have DSL connections and and multiple computers (5 or 6)linked to DSL for internet access, but they have no routers that I am aware of. I help these 2 outfits with minor computer hardware stuff, and so I am really only a novice at networks. I am concerned that their only security seems to be dynamic IP addresses. This seems inadequate to me. Is it?

Does DSL automatically provide security? (I am a "cable" user myself.) If not, could I just put in a router (such as Linksys or SMC 4 or 5 unit router) after the DSL modem, and then uplink or downlink them into the router? Would this work and is it a "good" idea?

My own system is different. Formerly, my 2-computer home network was via cable, and I used Tim Higgins/Practically Networked to achieve security. When @home died, I went to a similar, but direct-link outfit (wideopenwest), and installed a router to isolate my home from the Net.

Comments? Sorry to take advantage of the opening welcome, that "no question is too basic," or something like that.

This is a good question and probably the most important to get right when you have an 'always-on' connection.

You might want to double check how they are really connected.
The worst topology would be:
DSL -> uplink port on a hub -> all PCs.
or
DSL -> uplink port on a switch -> all PCs.

Both are recipies for internet intrusion and disaster. For a business to do this its like giving a machine gun to a terrorist.

DSL provides no security at all. The reason for their setup may be that DSL providers like to sell multiple internet addresses cos they charge for each one. When all you really need is one IP address and a sharing technique. (That is unless you are providing fixed IP server services to the internet).

In their defence they may use personal firewalls on their PCs like Blackice or zonealarm or Norton Firewall - which is better than nothing and OK if they are not doing any sharing between the PCs - which I really think they must be if they are a business - then its as bad as it gets. If they have MS client and File & Printer sharing enabled then they may be broadcasting their shares to the internet. The kiddie hackers love this.

As you said, the simple secure answer is to get one IP address and a DSL router/switch and put all the PCs behind it.
Job done - all secure.

Go sell them some consultancy. You might save their business.
:)

Thanks, Greenstead! And nice to hear from Great Britain - so far away from Denver!

I am positive that at least one of the two has the "worst topology," uplinked to a hub, and I need to check the other one. I will endeavor to take steps to get a router in the system just below the DSL modem. Thank you again.

Finally, I'll bet that MANY of these topology types are in use today, as they are so easy to implement. DSL outfits really ought to stress and highlight that additional security is needed.

P.S. This forum worked very well and promptly for me! It was a little intimidating during the entry and sign-up phase for someone unfamiliar with using forums, but so far it is "on the button" for me.

Rich: I'm glad the forum worked out for you.

As Greenstead said, definitely get a router on that setup ASAP. Make sure when you do that all the firewall functionality is activiated -- it's not always on by default. And it won't hurt to have each PC running a software firewall individually, too. (If they've got any wireless, make sure the WEP encryption is turned on, also.)