Disabling file and print sharing over TCP/IP is a really good idea .. especially since a cable modem is a shared connection.
Suggestion 1: .. dump Black Ice and get something a little better. I like Zone Alarm. Black Ice works fine, but Zone Alarm works better. You can tinker with it more ;) Plus, it blocks some stuff Black Ice doesn't Suggestion 2: .. If you have another network card, put it in one of your machines and that card a private IP address. Disconnect the cable modem from the hub. Plug the cable modem in to the original card and plug the new card (with the private IP) into the hub. Get some NAT program and install it on the computer with the 2 cards and set it up. Wingate is an easy one to use. The free liscense allows only 2 computers to connect, but there are . ahem .. ways around that. Give your other 2 computers private IP addresses and have them use the private IP address of the 2 card machine as their gateway. Now 2 of your computers are not directly connected to the internet and are all that much more secure. You can give those 2 real addresses back to the ISP .. especially if they are charging you for them. If you are really interested in good security, find youself an old computer. A low end pentium, like a 90, or 100, or something will do quite nicely. You can get by with a 386 and a 3 1/2" floppy, but you can't 'tinker' with it :) Anyway. Install a copy of Linux and set up ipchains and ip masquerade. this gives you NAT and a a very nice firewall (as long as you have a strong ruleset) :). You can also install tripwire and portsentry .. both nifty anti-intrusion tools. There's a bit of a learning curve, but there are HOW-TO manuals all over the Internet. I was able to firgure it all out in about 5 afternoons of reading how-to's and just messing around. If you aren't interested in playing around with something like that, though, the Wingate solution will work fine. Suggestion 3: .. Get a copy of L0phtCrack (aka LC3) from www.l0pht.com and audit the passwords on your network. Suggestion 4: .. go to www.lavasoftusa.com and download ad-aware and let it scan for those damned spyware programs. This is minor, but still .. might as well get rid of them while you are at it :) Suggestion 5: .. If you are super anal, you can grab a copy of PGP (http://web.mit.edu/network/pgp.html) and encrypt your E-mail, or any potentially sensitive files on your hard drive, floppy drive, CD-ROM, whatever. If you have any questions about the stuff I have covered so vaguely, just gimmie a hollar, as we say down in these here parts. Todd ----- Original Message ----- From: "Braver, Ben" <[EMAIL PROTECTED]> To: "CF-Community" <[EMAIL PROTECTED]> Sent: Thursday, January 10, 2002 7:57 PM Subject: Home network security question > Todd and all the other contributors on this- > > Wondering if my attempt at home internet security is sufficient or not. > > Have cable modem connected to 100mb Ethernet hub. > 3 pc's connected to hub. > Each is running Black Ice Defender. > Each has unique computer address from AT&T. > > For file & print sharing, am using ol' Windows Networking (free), with > TCP/IP disabled - that way, if someone gets into one box they can't go to > the others. Am using antique NETBEUI from back in the > Windows-for-Workgroups days. Also have a password on all shares (in pc's > password list). > > Went to Steve Gibson's "Shields Up" web site to test my security, it said I > had a "stealth" site and had done a pretty good job of "hiding" my system. > > Am an applications person, not a network guru, and open to any/all > suggestions for improvement as long as not $$$$. > > Thanks. > > Ben Braver > Information Technology > Ultramar Inc. > Golden Eagle Refinery > 150 Solano Way > Martinez, CA 94553-1487 > (925) 370-3673 voice > (925) 370-3393 fax > [EMAIL PROTECTED] > ______________________________________________________________________ Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm Archives: http://www.mail-archive.com/[email protected]/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
