Ask the Expert

Home user security assessment

I'm a home user with an ADSL connection. I'm also taking CCNA courses at my school and have taken an interest in network security. My home network consists of a 486 PC running Windows 95. It has 3 NICs, 1 for the ADSL modem, 1 for the internal net and 1 for DMZ to a game server. I am using Winroute Pro for NAT/Firewall. The DMZ and internal networks use private addressing in the 10s and the 172s. My internal network has 3 hosts running windows 2000, 98 and 95. The file sharing is using ipx. The internal hosts also run Tiny personal firewall. I have anti-virus on the internal computers in the form of Mcafee and Kaspersky. I also run The Cleaner. My question is: How does my current security look? What are the risks and possible avenues of intrusion? Is there a comprehensive way of testing my firewall?

    Requires Free Membership to View

It's actually good to use three NICs to build firewall . Regarding your scenerio ,everything looks good but as far as security is concerned , i am assuming that certain things have been take care of and if not here are my recommendations:-
1. IP forwarding is not enabled between the NICs. If ?Yes? then disable IP forwarding .
2. Winroute Pro for NAT/Firewall does not have application level protection as it?s mainly a packet filtering firewall. Just (always) default to denial ,except the ones specifically needed .Also it would be better if you can use some application level firewall and a good example of that is Gauntlet Firewall from CA.
3. If you are hosting DNS services then make sure Zone transfer is disable.
4. Take off all the unnecessary services from the box.
5.To make it more secure: Build a VPN tunnel (use IPsec or PPTP) between the DMZ NIC and Internal NIC & set the filtering to allow only the two machines to talk through it.
6.You should disable ADSL when not being used.
7.Disable NetBIOS over TCP/IP
8.Scanning Tools are helpful in finding the security holes. Use Portscanners as they can tell you what ports are open and use SATAN: The best tool to anylze and monitor traffic on the network.
If you need a comprehensive step by step approach to penetration testing GOTO : http://www.wittys.com/files/mab/fwpentesting.html

This was first published in March 2002

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: