At this point I’ve exhausted all the topics on network and computer security that I was eager to cover. As things change/ ideas strike I may well add to this series. One direction I see it going is talking in detail about several network utilities and more advanced topics like looking into web site ownership, email header analysis, good topical books/etc.
Category: Networking
-
Network Security guide for the home or small business network – Part 20 heterogeneous networks
One thing I’ve already mentioned in this serious is using alternative programs like Mozilla Firefox instead of Internet Explorer, or Thunderbird, Eduora instead of Outlook Express. Even if you’re not using alternative software as your primary web browser, email program there are advantages to having networks with mixed software, operating systems and even mixed network hardware. Back when the blaster worm hit, there were stories of businesses paralyzed when every Windows XP machine in the place (read – EVERY machine in the place) could not stay up long enough to download a fix. In order to get a fix they had to get online to find out about it and it was crashing within 30 seconds of booting.
-
Network Security guide for the home or small business network – Part 19 – What about when you’re not on your home network?
When you’re not at your home network is probably one of those times you should be more on your guard. Wireless access points are very common and a greatly useful thing, but there are some steps you should take to protect yourself, your pc and the data stored there. First it’s worth having a personal firewall for just this type of situation. You obviously can’t make use of a second hardware firewall when hooking up to a wireless LAN. (Although I would think that a small “wireless bridge” adapter of a wireless device to a wired ethernet port MIGHT be able to serve that function. It depends on how it’s implemented.)
-
OpenVPN series
After the Hamachi article I wanted to do a series on OpenVPN. I’ve used it before, but not since the 1.x days…. it’s now at version 2.0.5 and has quite a bit more flexibility. When I first used it, it was pretty much a point-to-point vpn solution. You could set up routing to see the rest of the network and for the network to see the vpn client, but only one client could connect to one server. What this meant is that multiple tap or tun devices were needed on the server, one for each remote vpn client. Also, multiple openvpn processes and multiple openvpn ports.
From my understanding this setup wasn’t necessary under the 2.x series.
-
Common Networking Ports
Along the lines of “knowing your network” with the network security guide. Here are some of the most commonly used network ports. There are 65535 ports that can listen for a connection, so this is not a thorough listing. (These are tcp unless noted otherwise.)
-
Network Security guide for the home or small business network – Part 18 – What about Dialup Users?
So, most everything so far has been targetted to high speed internet users or business networks. That means if I use dialup I’m safe. Wrong. For starters, in many ways dialup internet is LESS of a risk than high speed broadband for two main reasons. First, high speed/broadband connections are typically on ALL the time. Which raises your exposure. Like the security through obscurity concept though… just because dialup is only online a limited amount of time, that shouldn’t be the only reliance on protecting your system.
-
Hamachi p2p vpn
A few days back I was at grc to run a “shields up” scan on a clients machine and found reference to their Security Now podcast (Leo Laporte and Steve Gibson.) The cast was about a VPN tool called Hamachi… so I revisited and gave a read to the Security Now! transcript. And then visited the Hamachi site. I’ve got to say, I’m impressed on a couple of levels with Hamachi. 1st it sounds as though they’ve done a great approach to a secure free VPN implementation. (Steve Gibson is a pretty good reference….) It’s also easy to install and use and beyond that there are linux/Windows versions of the client currently, Mac will be released after the 1.0 for Linux and Windows.
-
Network Security guide for the home or small business network – Part 17 – The Security Mindset
This may be one of the most important entries in this series. An important defence against those that would try to access your network is to constantly have the “security mindset”. Ask yourself “do I need this, how could it be exploited, what are the implications of this”… When it comes to people asking you to click on a link… “do I trust the person, am I sure it’s from the person that it claims to be… how sure? is it normal behavior for this person to ask me to click on a link?” I guess what it comes down to is developing some healthy critical thinking and skepticism…
-
Small Ethernet Print Server
The Hawking Technology Print Server (HPS1P) is a nice little parallel port to ethernet print server that can be configured to make a single printer available to multiple machines on a LAN (local area network). It supports a number of different protocols and can be configured through a web interface, or with a Windows based control application. There are disadvantages with hooking a printer up to a pc to share over a network. First, the pc that shares the printer has to be up and reliable. Second, that pc has to be in a convenient location to the printer.
-
Network Security guide for the home or small business network – Part 16 – Learn about the enemy
I remember I had a geography teacher once that was a former Marine and he said when he was growing up it was the height of the cold war and geography was interesting to him from a “know your enemy” point of view. That’s a good concept to apply to computer security and network security. This doesn’t mean you have to visit a bunch of blackhat sites (although I’ve known those that do) to monitor their activities.