On the home computer, I'm sadly urged to run Windows XP. On my own machine,
I run OpenBSD. On the machines I'm administrating, we have Windows 2000,
Windows XP, Debian Linux, FreeBSD, Solaris.

> and how does he secure his home network?

Hm... not at all? Since there's no necessity, the clients are all well secured.

Posted by Leythos on January 14, 2008, 10:39 am

If you were Registered and logged in, you could reply and use other advanced thread options

postmaster@derith.de says...

> Am Mon, 14 Jan 2008 06:32:50 -0500 schrieb Leythos:

> > At the very least, a simple NAT router is the first line of defense for

> > home users.

> no, thats not true, with the router the net behind that device is not more

> or less secure, think about the zombies in bot nets.

> does all those user don't have nat router's? ;)

Think about how the NAT means that the bots out on the net can't reach
the machine behind the NAT.

Once a machine is compromised all bets are off, but we're not talking
about compromised machines, we're talking about how to best keep from
being compromised.

A NAT router will allow you to be unreachable while you install your OS,
while you do many things, from behind it, so that you can configure your
machine to be more secure.

The inbound barrier is a MUST HAVE solution.

--

Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

Posted by Burkhard Ott on January 14, 2008, 10:52 am

If you were Registered and logged in, you could reply and use other advanced thread options

Am Mon, 14 Jan 2008 10:39:55 -0500 schrieb Leythos:

> A NAT router will allow you to be unreachable while you install your OS,

depends on the router configuration, sometimes a firmware bug helps to
make your network reachable

> while you do many things, from behind it, so that you can configure your

> machine to be more secure.

it is the same security, if you download update files and your DNS is
poisened you think you installation is save...

> The inbound barrier is a MUST HAVE solution.

not really

cheers

Posted by Al Dykes on January 14, 2008, 11:11 am

If you were Registered and logged in, you could reply and use other advanced thread options

>Am Mon, 14 Jan 2008 10:39:55 -0500 schrieb Leythos:

>> A NAT router will allow you to be unreachable while you install your OS,

>depends on the router configuration, sometimes a firmware bug helps to

>make your network reachable

>> while you do many things, from behind it, so that you can configure your

>> machine to be more secure.

>it is the same security, if you download update files and your DNS is

>poisened you think you installation is save...

>> The inbound barrier is a MUST HAVE solution.

>not really

When doing a fresh install, I have to be behind a firewall. I've seen
a new W2K machine infected via a viral probe minutes after it first
connected to the net, before the patches could be applied.

I've hooked up IP logging for attempts for incoming connections and
they pop up on a regular basis.

In my laptop, I have a PFW, A/V software, the hosts file from mvps.org
and I install patches as soon as they come out. And I pray.

Similar Threads	Posted
why wireless router cheaper than plain router?	June 15, 2005, 11:40 am
Connecting to VPN Router That's Behind Another Router	January 29, 2008, 8:06 pm
Router/Firewall/VPN Appliance vs. Router and firewall appliances	May 4, 2006, 5:28 pm
router contains a built-in switch versus router without a built-in switch	September 14, 2005, 10:22 pm
56k router with nat	May 4, 2005, 10:46 pm
router	May 13, 2005, 1:05 pm
Do I need a new router?	August 13, 2005, 11:09 pm
do i need a new router	September 19, 2005, 7:58 pm
Help with router	December 30, 2005, 9:06 am
NAT Router	March 27, 2007, 11:53 am

The site map in XML format XML site map