Suggestion 6: .. If you are super-duper anal, unplug all of your computers, cancel any ISP accounts, really the only security at all ;)
I am in the process of setting ipChains and Masquerade at home for some of the computers. I am still waiting for the processor to come in. I figure it can't be to hard. I have setup a linux box to do routing of real IPs, fake ones shouldn't be that difficult. At 09:39 PM 1/10/2002 -0500, you wrote: >Disabling file and print sharing over TCP/IP is a really good idea .. >especially since a cable modem is a shared connection. > >Suggestion 1: .. dump Black Ice and get something a little better. I like >Zone Alarm. Black Ice works fine, but Zone Alarm works better. You can >tinker with it more ;) Plus, it blocks some stuff Black Ice doesn't > >Suggestion 2: .. If you have another network card, put it in one of your >machines and that card a private IP address. Disconnect the cable modem >from the hub. Plug the cable modem in to the original card and plug the new >card (with the private IP) into the hub. Get some NAT program and install >it on the computer with the 2 cards and set it up. Wingate is an easy one >to use. The free liscense allows only 2 computers to connect, but there are >. ahem .. ways around that. Give your other 2 computers private IP >addresses and have them use the private IP address of the 2 card machine as >their gateway. Now 2 of your computers are not directly connected to the >internet and are all that much more secure. You can give those 2 real >addresses back to the ISP .. especially if they are charging you for them. > >If you are really interested in good security, find youself an old computer. >A low end pentium, like a 90, or 100, or something will do quite nicely. >You can get by with a 386 and a 3 1/2" floppy, but you can't 'tinker' with >it :) Anyway. Install a copy of Linux and set up ipchains and ip >masquerade. this gives you NAT and a a very nice firewall (as long as you >have a strong ruleset) :). You can also install tripwire and portsentry .. >both nifty anti-intrusion tools. There's a bit of a learning curve, but >there are HOW-TO manuals all over the Internet. I was able to firgure it >all out in about 5 afternoons of reading how-to's and just messing around. >If you aren't interested in playing around with something like that, though, >the Wingate solution will work fine. > >Suggestion 3: .. Get a copy of L0phtCrack (aka LC3) from www.l0pht.com and >audit the passwords on your network. > >Suggestion 4: .. go to www.lavasoftusa.com and download ad-aware and let it >scan for those damned spyware programs. This is minor, but still .. might >as well get rid of them while you are at it :) > >Suggestion 5: .. If you are super anal, you can grab a copy of PGP >(http://web.mit.edu/network/pgp.html) and encrypt your E-mail, or any >potentially sensitive files on your hard drive, floppy drive, CD-ROM, >whatever. > >If you have any questions about the stuff I have covered so vaguely, just >gimmie a hollar, as we say down in these here parts. > >Todd ______________________________________________________________________ Get the mailserver that powers this list at http://www.coolfusion.com Archives: http://www.mail-archive.com/cf-community@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
