I use two main systems where I work. One system is running Windows XP Pro and is connected to a closed loop control systems network but not to the internet because of security risks. The other system is running OpenSuSE 10.1 and is connected to the internet only.
I would like to connect the two computers over a separate network for the purpose of using Synergy to share the keyboard and mouse but am not sure of the security risks involved. If I were to put an extra nic in each system, is there a way to disallow all traffic except what is coming from Synergy?
What are the chances of someone entering the closed loop network in a setup like this?
How about some other ideas to use one keyboard/mouse for both systems like Synergy allows?

Well, it's not that your machines are gonna forward traffic by themselves to the CLC net, but the risk is if someone breaks into your openSuSe machine, then breaks the windows and voila - he has access to the secured net. In terms of security measures, that would not stand any audit unless you carefully firewall your machines. Desktop suse is hard to rootkit if used properly, just don't get suspicious services on that machine e.g. http/ftp/gopher/name servers.

so what if I disallow all traffic on all ports except for the one that synergy uses?
Is that even possible to do on a second nic, while still allowing everything on the first nic, for internet?
or perhaps I should be looking for a hardware solution.