xp security

 
 
Pete-X
      11-05-2003


"Ernest T. Bass" <(E-Mail Removed)> wrote in message
news:HQaqb.128$(E-Mail Removed)...
> Interesting, right now I have this set up:
>
> Linux PC----
> ----Router ----Cable Modem ---Internet
> XPPRo PC--
>
> Would I gain anything by using that linux box as a gateway PC and adding
> another NIC to it? I have an F-secure firewall running on the XP box,
> nothing on the Linux box as it is only used for web surfing by my son,
> and no valuable data on it at all...
>
> john


I have a Linksys router too. I decided a while ago that I wanted to have a
bit more flexibility, plus I had an old P2 400Mhz PC lying around doing sod
all. So I replaced the router with this 'gateway' PC. I can run
applications like Ethereal on the desktop, rather than just inspecting a
router's logs. There are some handy utilities for routers such as the
Linksys range for viewing logs in a more user-friendly way. One that comes
to mind is 'WallWatcher'. Google for it. It's free.

I've run Red Hat 9, Slackware 9.1 and Windows 2000 on this PC. All did much
the same thing when set up right. With Linux, particularly on Red Hat, I
found it easier to download the free 'Firestarter' program for managing IP
Tables through its nice GUI.

http://firestarter.sourceforge.net

(Only two problems with this Firestarter program for me. NAT routing seems
to be disabled if you reboot. Just open up the preferences dialog inside
the Firestarter program, and then close it again, and NAT is back up!
They've probably fixed this now. Also, by default, Firestarter spams
connection attempts to the console window, even outside of X-Windows when
you first run it. I did this to stop it:

$ su
<enter password>
# dmesg -n 1
# exit
$

That will disable console logging except for really nasty errors. Again,
they've probably fixed this now, and besides, in Linux, you won't be
rebooting half as much as in Windows. Firestarter is really cool for
setting up NAT routing, and is really easy to use in general.)

Having rambled all that, I'm back to Windows 2000 SP4 now, as it runs the
fastest. Plus I can link into the Kerio Firewall on this gateway PC from my
main box's Kerio Firewall. Which is nice.

For me personally, I prefer the GUI of the Kerio Firewall on Windows 2000,
plus I can swap it for tons of other vendors' applications really easily,
should I want to. I also run Kerio Mail Server on this gateway PC, and even
though it's an old P2 machine, it doesn't break a sweat. Yet...

http://www.kerio.com

Maybe some people more conversant with Linux than I am (not hard to do)
could better answer your actual question about advantages of Linux in
this situation than me.

Regards,

Pete.

--
'War doesn't prove who's right, just who's left.'





 
Leythos
      11-05-2003
In article <HQaqb.128$(E-Mail Removed)>,
(E-Mail Removed) says...
[snip]
>
> Interesting, right now I have this set up:
>
> Linux PC----
> ----Router ----Cable Modem ---Internet
> XPPRo PC--
>
> Would I gain anything by using that linux box as a gateway PC and adding
> another NIC to it? I have an F-secure firewall running on the XP box,
> nothing on the Linux box as it is only used for web surfing by my son, and
> no valuable data on it at all...


You would gain nothing but a larger electric bill.

Your router is far more secure a device than a gateway PC that is set up
by a home user or non-security professional. In fact, your router is
almost idiot proof (forgive the wording, nothing intended there).

--
(E-Mail Removed)
(Remove 999 to reply to me)
 
Pete-X
      11-05-2003


"Leythos" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> In article <HQaqb.128$(E-Mail Removed)>,
> (E-Mail Removed) says...
> [snip]
> >
> > Interesting, right now I have this set up:
> >
> > Linux PC----
> > ----Router ----Cable Modem ---Internet
> > XPPRo PC--
> >
> > Would I gain anything by using that linux box as a gateway PC and
> > adding another NIC to it? I have an F-secure firewall running on the
> > XP box, nothing on the Linux box as it is only used for web surfing by
> > my son, and no valuable data on it at all...

>
> You would gain nothing but a larger electric bill.
>
> Your router is far more secure a device than a gateway PC that is setup
> by a home user or non-security professional. In fact, your router is
> almost idiot proof (forgive the wording, nothing intended there).


No worries. Very true. I was just too curious to see what I could do with
my setup here. A router is by far the safest (and cheapest) option, than
running a PC as its equivalent. I totally agree with your last paragraph.

However, home user doesn't always mean they've just fallen off the silly
tree, which wasn't what you were saying I know.

If my setup fails, then everybody here's going to hear about it.
Unfortunately ...

Regards,

Pete.

--
'War doesn't prove who's right, just who's left.'



 
Ernest T. Bass
      11-05-2003

"Pete-X" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
>
> "Leythos" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
> > In article <HQaqb.128$(E-Mail Removed)>,
> > (E-Mail Removed) says...
> > [snip]
> > >
> > > Interesting, right now I have this set up:
> > >
> > > Linux PC----
> > > ----Router ----Cable Modem ---Internet
> > > XPPRo PC--
> > >
> > > Would I gain anything by using that linux box as a gateway PC and
> > > adding another NIC to it? I have an F-secure firewall running on the
> > > XP box, nothing on the Linux box as it is only used for web surfing by
> > > my son, and no valuable data on it at all...

> >
> > You would gain nothing but a larger electric bill.
> >
> > Your router is far more secure a device than a gateway PC that is setup
> > by a home user or non-security professional. In fact, your router is
> > almost idiot proof (forgive the wording, nothing intended there).

>
> No worries. Very true. I was just too curious to see what I could do with
> my setup here. A router is by far the safest (and cheapest) option, than
> running a PC as its equivalent. I totally agree with your last
> paragraph.
>
> However, home user doesn't always mean they've just fallen off the silly
> tree, which wasn't what you were saying I know.
>
> If my set up fails, then everybody here's going to hear about it.
> Unfortunately ...
>
> Regards,
>
> Pete.
>


Thanks Pete and all, I guess I'll leave well enough alone. I'm no Linux
expert by any means, everything I do in Linux I have to RTFM step by step.
I put RH 8.0 on an old Compaq Athlon 500 several months ago because I got
tired of cleaning viruses off that machine when it had XP on it....the AVG
free that was running on it did virtually nothing to prevent this, and with
a 10 year old using it to get cheat codes for his XBox, it was eaten up with
Viruses =) No problems since Linux was installed, but now he's getting me
off my XP (work) box sometimes to play his favorite RPG of the day, so I
might put XPPro back on that Athlon and install F-secure....maybe...

john


 
Colonel Flagg
      11-06-2003
In article <(E-Mail Removed)>,
(E-Mail Removed) says...
> In article <(E-Mail Removed)>, "@micro$oft.com"
> <""billyboi\"@micro$oft.com"> says...
> > Hank wrote:
> >
> > > Is there a way to tighten up my system more?

> >
> > Yes. Install Linux.

>
> Installing Linux would be just as bad, it has many security holes too.
>


Fine then. Install OpenBSD.




--
Colonel Flagg
http://www.internetwarzone.org/

Privacy at a click:
http://www.cotse.net

Q: How many Bill Gates does it take to change a lightbulb?
A: None, he just defines Darkness™ as the new industry standard..."

"...I see stupid people."
 
oft
      11-06-2003
On Tue, 04 Nov 2003 12:37:13 -0500, Hank <(E-Mail Removed)> wrote:

>I'm trying to tighten my computer security by eliminating the open
>ports in my Xp pro system.
>
>When I do a netstat -an it show the following ports listening: 25,
>110, 135, 143, 1025, 1028, and 1121.


TCP or UDP?
If you do netstat -ano you also get the PID.
Then tasklist /svc should show you which program the PID belongs to.
Or you could use fport from www.foundstone.com or ActivePorts.

>When I do a Superscan 3.0 of my computer I get these open ports: 135,
>1025.


If you use the defaults it won't scan all ports. grc doesn't scan all
ports either.

>Shields Up web site www.grc.com shows I am running stealth. But, when
>I bang into this site it know who I am. (Here is the information he
>receives from me: 24.229.134.70.cmts.tv13.ptd.net)


Your IP address must be known to send packets to you.
Anyone can get your hostname (cmts.tv13.ptd.net) by typing
nslookup 24.229.134.70 in a dos box. This info comes from grc's DNS
servers, not your machine.

>Is there a way to tighten up my system more? BTW, I am running Zone
>Alarm...


25 and 110 are most likely your anti-virus program unless you're
running an email server.

To close 135 UDP stop/disable the messenger service which should also
close another port in the 10xx range.

Backup registry before doing these.
To close 135 TCP open regedit and go to:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NetBT\Parameters
and make a new DWORD key named:
SmbDeviceEnabled
The value should be zero.
Then go to:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\DCOM Protocols
Edit the key and delete the value data (not the key)
Then delete all the keys below:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\ClientProtocols

Stopping the Task Scheduler service will close another port in the
10xx range.

fport or Active ports should show you what processes are opening the
other ports.
>Thanks Hank from Pa
>
>


oft
--
The note he left was signed:
OldFatherThames
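
The `netstat -ano` / `tasklist /svc` lookup suggested in the post above, as an added example that is not part of the original thread: it joins the two outputs on PID and marks whether each listening socket is bound to loopback only or to a network-reachable address. The sample output, PIDs and image names are constructed.

```python
import re

# Constructed sample output (not from the thread), shaped like XP's
# `netstat -ano` and `tasklist /svc`; PIDs and image names are made up.
NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    0.0.0.0:1025           0.0.0.0:0              LISTENING       1012
  TCP    127.0.0.1:25           0.0.0.0:0              LISTENING       1500
  TCP    127.0.0.1:110          0.0.0.0:0              LISTENING       1500
  TCP    192.168.0.2:1121       10.0.0.5:80            ESTABLISHED     2040
  UDP    0.0.0.0:135            *:*                                    884
  UDP    0.0.0.0:1028           *:*                                    1100
"""
TASKLIST = """\
Image Name                   PID Services
========================= ====== ==========================
System Idle Process            0 N/A
svchost.exe                  884 RpcSs
svchost.exe                 1012 Schedule
svchost.exe                 1100 Messenger
avscan.exe                  1500 N/A
"""

def parse_tasklist(text):
    """Map PID -> (image name, services) from `tasklist /svc` output."""
    hits = (re.match(r"(\S.*?)\s+(\d+)\s+(\S.*)$", ln) for ln in text.splitlines())
    return {int(m[2]): (m[1], m[3].strip()) for m in hits if m}

def listeners(netstat_text, tasklist_text):
    """Return (proto, port, exposure, image, services) per listening socket."""
    procs = parse_tasklist(tasklist_text)
    rows = []
    for line in netstat_text.splitlines():
        f = line.split()
        # TCP rows have a State column; UDP rows do not (bound means open).
        tcp = len(f) == 5 and f[0] == "TCP" and f[3] == "LISTENING"
        udp = len(f) == 4 and f[0] == "UDP"
        if not (tcp or udp):
            continue
        addr, port = f[1].rsplit(":", 1)
        exposure = "loopback" if addr.startswith("127.") else "network"
        image, svcs = procs.get(int(f[-1]), ("unknown", "N/A"))
        rows.append((f[0], int(port), exposure, image, svcs))
    return rows

for row in listeners(NETSTAT, TASKLIST):
    print("%-3s %5d  %-8s %s (%s)" % row)
```

Sockets marked loopback are not reachable from another machine, so a remote port scan will not report them even though `netstat` lists them as listening.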
 
Hank
      11-06-2003
I just bought and installed a router. (Netgear's RP614 v2)
This, I hope, is a fairly good inexpensive router; it contains SPI and
NAT protection.

If anyone knows about this router please let me know. I am still
trying to figure out all it does.

Hank from Pa

On Wed, 05 Nov 2003 13:06:06 GMT, Leythos <(E-Mail Removed)> wrote:

>In article <(E-Mail Removed)>, "@micro$oft.com"
><""billyboi\"@micro$oft.com"> says...
>> Hank wrote:
>>
>> > Is there a way to tighten up my system more?

>>
>> Yes. Install Linux.

>
>Installing Linux would be just as bad, it has many security holes too.
>
>Get a router with NAT for your cable/dsl connection and you will be much
>better off as a FIRST layer.
>
>
>
>--


 
David Postill
      11-06-2003

In article <(E-Mail Removed)>, on Thu, 06 Nov 2003 06:51:04 -0500, Hank
<(E-Mail Removed)>
wrote:

| I just bought and installed a router. (Netgear's RP614 v2)
| This, I hope, is a fairly good inexpensive router; it contains SPI and
| NAT protection.
|
| If anyone know about this router please let me know. I am still
| trying to figure out all it does.

A good place to ask would be grc.security.hardware.

Lots of knowledgeable folks hang out there.

<davidp />

--
David Postill


 
Colonel Flagg
      11-06-2003
In article <(E-Mail Removed)>,
(E-Mail Removed) says...
> In article <(E-Mail Removed)>, on Thu, 06 Nov 2003 06:51:04 -0500, Hank
> <(E-Mail Removed)>
> wrote:
>
> | I just bought and installed a router. (Netgear's RP614 v2)
> | This, I hope, is a fairly good inexpensive router; it contains SPI and
> | NAT protection.
> |
> | If anyone know about this router please let me know. I am still
> | trying to figure out all it does.
>
> A good place to ask would be grc.security.hardware.
>
> Lots of knowledgeable folks hang out there.
>
> <davidp />
>
> - --
> David Postill
>
>
>



if it's grc, i seriously doubt "lots" would be accurate.



--
Colonel Flagg
http://www.internetwarzone.org/

Privacy at a click:
http://www.cotse.net

Q: How many Bill Gates does it take to change a lightbulb?
A: None, he just defines Darkness™ as the new industry standard..."

"...I see stupid people."
 