Hosting Provided By

Re: Secure Home Networking?

From: Brett Campbell <brett(at)custom-tech.net>
Date: Mon May 26 2003 - 22:34:41 EDT

Sandy,

My 2-minor-cents.. (fundamentals)

I'd simply ensure that you have no extra services listening/availale to the outside world. IOW, if you have one of those linksys or dlink SOHO routers, make sure web administration is not enabled on the 'outside' interface, netbios is not forwarding inside your lan, etc. Keep the firmware on the router updated. If you have a unix fw you could deny icmp echo req's, etc. You should then run nmap against your IP from an untrusted host (ie, everyone else) on the 'net. As long as you don't have common ports like 80, 139, etc just sitting there waiting to be probed, you should be alright. I run sshd on an obscure port that *isn't* listed in {/etc/,/usr/share/nmap/nmap-}services, just so i can access my machine from anywhere on the internet. Keep ssh updated, obviously. This thwarts most of the 'would-be's and s|<1pT kidz. Hope you didn't already know all this,

Brett

On Mon, May 26, 2003 at 02:47:12PM -0600, Sandy Turner wrote:
> Any suggestions on tests to run to judge the security of a home

-- 
Brett Ryan Campbell
Systems Administrator, CAD Research Center
Cal Poly State University, San Luis Obispo, CA 93407
http://www.cadrc.calpoly.edu/frameset_content/content_about_us.html

---------------------------------------------------------------------------
----------------------------------------------------------------------------

Received on Tue May 27 11:34:02 2003

This message: [ Message body ]
Next message: Amal Al Hajeri: "Re: Pen test courses"
Previous message: R. DuFresne: "Re: Secure Home Networking?"
In reply to: Sandy Turner: "Secure Home Networking?"
In reply to Martin Wasson: "Re: Secure Home Networking?"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:36 EDT