Home
Topics
Network Security
Network Security Monitoring and Analysis
Home user security assessment

Ask the Expert

Home user security assessment

I'm a home user with an ADSL connection. I'm also taking CCNA courses at my school and have taken an interest in network security. My home network consists of a 486 PC running Windows 95. It has 3 NICs, 1 for the ADSL modem, 1 for the internal net and 1 for DMZ to a game server. I am using Winroute Pro for NAT/Firewall. The DMZ and internal networks use private addressing in the 10s and the 172s. My internal network has 3 hosts running windows 2000, 98 and 95. The file sharing is using ipx. The internal hosts also run Tiny personal firewall. I have anti-virus on the internal computers in the form of Mcafee and Kaspersky. I also run The Cleaner. My question is: How does my current security look? What are the risks and possible avenues of intrusion? Is there a comprehensive way of testing my firewall?

Requires Free Membership to View

Login

By submitting you agree to receive email communications from
TechTarget and its partners. Privacy Policy Terms of Use.

It's actually good to use three NICs to build firewall . Regarding your scenerio ,everything looks good but as far as security is concerned , i am assuming that certain things have been take care of and if not here are my recommendations:-
1. IP forwarding is not enabled between the NICs. If ?Yes? then disable IP forwarding .
2. Winroute Pro for NAT/Firewall does not have application level protection as it?s mainly a packet filtering firewall. Just (always) default to denial ,except the ones specifically needed .Also it would be better if you can use some application level firewall and a good example of that is Gauntlet Firewall from CA.
3. If you are hosting DNS services then make sure Zone transfer is disable.
4. Take off all the unnecessary services from the box.
5.To make it more secure: Build a VPN tunnel (use IPsec or PPTP) between the DMZ NIC and Internal NIC & set the filtering to allow only the two machines to talk through it.
6.You should disable ADSL when not being used.
7.Disable NetBIOS over TCP/IP
8.Scanning Tools are helpful in finding the security holes. Use Portscanners as they can tell you what ports are open and use SATAN: The best tool to anylze and monitor traffic on the network.
If you need a comprehensive step by step approach to penetration testing GOTO : http://www.wittys.com/files/mab/fwpentesting.html

More News and Tutorials

Articles

Related glossary terms

Terms for Whatis.com - the technology online dictionary

This was first published in March 2002

Join the conversationComment

Share

Comments

Results

Contribute to the conversation

All fields are required. Comments will appear at the bottom of the article.

Back to top

More from Related TechTarget Sites

Enterprise WAN
Unified Communications
Mobile Computing
Data Center
Networking Channel

Enterprise WAN
- Wide area network resiliency best practices
  
  Learn about network resiliency best practices to keep your wide area network (WAN) services running during technical difficulties and outages.
- Business continuation and disaster recovery tips for your WAN services
  
  Understand the tools, technologies and strategies used to ensure business continuance (BC) and disaster recovery (DR) for your WAN services.
- IPv6 benefits: Making the IPv6 business case
  
  Depleted IPv4 addresses are not enough for many enterprises to deploy IPv6. Use these IPv6 benefits to make a business case for your IPv6 migration.
Unified Communications
- Cisco adds immersive video wall option to telepresence technology
  
  Cisco has added a video wall option to its telepresence technology, giving enterprises a more immersive telepresence room.
- Are wearable PoV cameras vulnerable to privacy issues and misuse?
  
  PoV cameras have the potential to be mishandled, but the same is true for all technology, according to unified communications expert Matt Brunk.
- Use network simulation tools to prevent UC from crashing your network
  
  To avoid real-time UC applications from crashing your network, analyze the stress points using network simulation tools, then eliminate the problems.
Mobile Computing
- Bringing BYOD to your enterprise
  
  Bring your own device (BYOD) can be a boon for both employees and enterprises, but clear policies and management tools are needed.
- Meeting technical requirements for mobile health care deployments
  
  IT departments deploying mobile health care solutions must ensure that using mobile devices in health care settings doesn't violate federal laws or compromise security.
- Making the call: Distributed antenna systems and in-building wireless
  
  Distributed antenna systems and in-building wireless solutions are two options to improve wireless cellular coverage within an enterprise facility.
Data Center
- Set the right Linux extended attributes, enjoy better file security
  
  Unlike permissions, Linux attributes apply to all users, even root. With Linux extended attributes, administrators can increase file security.
- Reinvented mainframe technology keeps big iron alive
  
  Mainframes are costly, arcane data center dinosaurs. Right? Wrong! Today's mainframe technology supports varied workloads securely, with TCO benefits.
- When to use Linux memory swap to solve server performance problems
  
  Adding physical memory may seem like the best way to solve a Linux server's memory shortage. But that's not the only way, so troubleshoot first.
Networking Channel
- Aruba Networks Partner Program Checklist
  
  Value-added resellers and service providers interested in reselling Aruba networking hardware and software can learn the benefits of becoming an Aruba Networks partner with this standardized checklist. Compare Aruba's reseller partner program with other vendors' offering similar products.
- NetScout Systems Partner Program Checklist
  
  Learn the benefits of becoming a NetScout Systems reseller partner with our Partner Program Checklist.
- Visage Mobile Partner Program Checklist
  
  Learn the benefits of becoming a Visage Mobile reseller partner with our Partner Program Checklist.

All Rights Reserved,Copyright 2000 - 2013, TechTarget