I have been monitoring this list for about 6 months now. I am by no means a
security expert, but I have some knowledge on the topic. I wanted to
describe my setup and see what type of attacks could get to my inside
network or what vulnerabilities exist. I am debating on going with a Linux
OS/firewall solution if my setup stinks. I wanted to hear everyone's advice
first. First of all, this is a home network with non critical data on my
workstations.
I have a product called Winroute 4.1 running on a WindozeNT 4.0 SP6a
Workstation. The product information can be found at www.winroute.com In
addition to winroute, I also have BlackICE defender installed on the same
box. I did this because the winroute logging is weak. I have a cable modem
assigning me a DHCP address to my outside public NIC and I have another NIC
with my internal private IP address. I am doing NAT on the private IP
address. I have a few rules enabled to filter outbound traffic. The
outbound ports being blocked are 44333, 135, 139, 5631, 5632. By default
all inbound traffic is denied. I also have a Windows Advanced Server that
runs DNS, web page and ftp server. I setup port mapping for 21, and 80 to
go to the internal IP address of the server. I have latest IIS patches and
OS security patches. Three other workstations are on my internal network
which all use my internal DNS server and go out through the winroute box.
The setup I have is dirt cheap, but is it also a piece of crap? I can not
afford to setup a PIX here at the house FYI :)
Are personal firewalls easily compromised or will they block most attempts?
Also, is there any thing that I can be doing to enhance what I have with the
limited tools?
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
