> 3) I've got Win 2000 Server as my server machine, but I can't seem to Install any Anti-Viral software or Firewall software... Is this just my machine, or is it a problem with Win 2000?
What sort of problem(s) are you experiencing? Win2k shouldn't have any issues with antivirus software, for certain. Was there ever a faulty install, one maybe that reported some errors? On my windows servers I run Norton System v7.6, and though it runs great once installed, a faulty install can cause the OS to not allow any re-try installs. What software firewall program(s) are you having issues with? My gut instinct is that it's the current build of windows on that particular machine. b. ----- Original Message ----- From: "Steve Bremer" <[EMAIL PROTECTED]> To: "Pearson, Andrew" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Wednesday, May 01, 2002 3:25 PM Subject: Re: Home Security. > Hi Andrew, > > > 1) What is the best operating system / firewall software combination to use on the firewall machine? (I think i'd prefer to use a MS product though) > Ouch, start off with a question of religion :-) If you are most > comfortable with a m$ OS, you should use that assuming you > know how to secure it and have software that can provide the > features necessary for a firewall (packet filtering and/or proxying). > > If you want to dig into another OS (to learn something new) as an > option for a firewall, but don't want to worry too much about > security, I'd recommend OpenBSD. OpenBSD probably has the > safest "out of the box" installation (e.g. very few, if any external > services running). OpenBSD also support IPSec (for creating a > VPN) and packet filtering. > > Another option to try is Linux. It supports IPSec if you apply the > Freeswan kernel patch and it provides nice packet filtering > capabilities. Where you have to be careful with Linux is that many > distributions of Linux turn on a lot of services by default that you > don't need and shouldn't be exposed to the internet. If you want to > learn about securing a *nix server, this will provide some good > hands on experience. I'm not saying Linux is insecure, just some > of the services that get installed by default are not meant to be > exposed to a hostile environment (e.g the Internet). > > There are many Linux distros that have been scaled down that are > intended for use as a firewall. Most of them can run off of a single > floppy disk and don't enable services by default. Check out > leaf.sourceforge.net and look for "Bering". > > > 2) My ADSL line which connects to the firewall uses USB, so is it still a router? since it doesn't have 2 NIC's..... > > This should still work. There are network capable USB devices. > > > 3) Obviously, my firewall machine will have to act as a router, so what is the best software to use to achieve this? > > Depends on the OS. For m$ windows, I have no idea. For Linux, > I'd used iptables. For OpenBSD I'd use packet filter or IPF. > > > 3) I've got Win 2000 Server as my server machine, but I can't seem to Install any Anti-Viral software or Firewall software... Is this just my machine, or is it a problem with Win 2000? > > Can't help you there. > > > 4) If I want to make my network secure, is there any other products I should invest in, besides Anti-Virus and Firewall software? > > A network intrusion detection system can be helpful, but they can > be quite expensive unless you're willing to set one up yourself (e.g > snort). > > > 5) Lastly, what would I need (besides telnet) to use to access my Linux box from the server securely? (If the server is an MS-OS) would Exceed do it? > > Never use telnet to access any box if it can be avoided. All > information is passed cleartext and your passwords can be sniffed > off the wire. I'd recommend OpenSSH. It is a free version of SSH > that allows you to login to remote hosts using an encrypted > session (and a lot more). > > Steve Bremer >
