Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Home user security assessment

I'm a home user with an ADSL connection. I'm also taking CCNA courses at my school and have taken an interest in network security. My home network consists of a 486 PC running Windows 95. It has 3 NICs, 1 for the ADSL modem, 1 for the internal net and 1 for DMZ to a game server. I am using Winroute Pro for NAT/Firewall. The DMZ and internal networks use private addressing in the 10s and the 172s. My internal network has 3 hosts running windows 2000, 98 and 95. The file sharing is using ipx. The internal hosts also run Tiny personal firewall. I have anti-virus on the internal computers in the form of Mcafee and Kaspersky. I also run The Cleaner. My question is: How does my current security look? What are the risks and possible avenues of intrusion? Is there a comprehensive way of testing my firewall?
It's actually good to use three NICs to build firewall . Regarding your scenerio ,everything looks good but as far as security is concerned , i am assuming that certain things have been take care of and if not here are my recommendations:-
1. IP forwarding is not enabled between the NICs. If ?Yes? then disable IP forwarding .
2. Winroute Pro for NAT/Firewall does not have application level protection as it?s mainly a packet filtering firewall. Just (always) default to denial ,except the ones specifically needed .Also it would be better if you can use some application level firewall and a good example of that is Gauntlet Firewall from CA.
3. If you are hosting DNS services then make sure Zone transfer is disable.
4. Take off all the unnecessary services from the box.
5.To make it more secure: Build a VPN tunnel (use IPsec or PPTP) between the DMZ NIC and Internal NIC & set the filtering to allow only the two machines to talk through it.
6.You should disable ADSL when not being used.
7.Disable NetBIOS over TCP/IP
8.Scanning Tools are helpful in finding the security holes. Use Portscanners as they can tell you what ports are open and use SATAN: The best tool to anylze and monitor traffic on the network.
If you need a comprehensive step by step approach to penetration testing GOTO : http://www.wittys.com/files/mab/fwpentesting.html
This was last published in March 2002

Dig Deeper on Network Security Monitoring and Analysis

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.