Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Information > network security

Reply
Thread Tools

network security

 
 
wadealowther@yahoo.com
Guest
Posts: n/a
 
      10-01-2007
Hi,

Having set up a basic small home network with a PC (hardwired via an
ethernet cable to a Netgear Router and a laptop connected wirelessly
to the router), I need some advice on internet and network security.

The laptop runs Vista and the PC has XP on it. I use AVG Anti Virus
and Zone Alarm Firewall (both the free versions) which have worked
very well. AVG works fine within a network set up, but I had to switch
off Zone Alarm to ensure that I could access the PC files from the
laptop.

Without the Firewall, I am obviously concerned about security when
using the internet.

Can anyone provide any advice on the best way to set up security on
both machines.

Regards

WAL

 
Reply With Quote
 
 
 
 
jameshanley39@yahoo.co.uk
Guest
Posts: n/a
 
      10-02-2007
On 1 Oct, 19:55, (E-Mail Removed) wrote:
> Hi,
>
> Having set up a basic small home network with a PC (hardwired via an
> ethernet cable to a Netgear Router and a laptop connected wirelessly
> to the router), I need some advice on internet and network security.
>
> The laptop runs Vista and the PC has XP on it. I use AVG Anti Virus
> and Zone Alarm Firewall (both the free versions) which have worked
> very well. AVG works fine within a network set up, but I had to switch
> off Zone Alarm to ensure that I could access the PC files from the
> laptop.
>
> Without the Firewall, I am obviously concerned about security when
> using the internet.
>
> Can anyone provide any advice on the best way to set up security on
> both machines.
>
> Regards
>
> WAL


if you're really concerned.

don't run as administrator.

don't use internet explorer

since you're using zonealarm.. you actually don't have to turn it off,
you can set it to allow file sharing. How to do that is another
matter. To do it yourself you'd have to
a)find out what ports your file sharing uses
b)find out how to allow that on your LAN

Or you could just find out how to tell zone alarm to allow all LAN-LAN
traffic through.

That's the logic. Somebody that uses zonealarm would know. But you
probably won't find many people using zonealarm here.
You could try a more zonealarm specific forum like
http://forums.zonealarm.com/zonelabs...=AllAboutPorts
or
http://www.tek-tips.com/threadminder.cfm?pid=924


The issue with zonealarm , why it's not popular is often discussed in
comp.security.firewalls , a newsgroup where a bunch of fairly
knowledgeable idiots try to have a discussion. A favourite pass time
for them is saying commercial software firewalls are rubbish. If you
read through a dozen threads on it you'll get an idea of the issue.
The idiots tend to write one line and get into arguments because they
aren't clear, but they repeat themselves the whole time in each
thread, same arguments e.t.c. Bunch of lemmings they are, they
shouldn't be allowed to vote. You can browse that newsgroup via
google.

The main point though, is that even if they criticise ZA, their better
alternative is not using ZA. They don't claim ZA makes the system less
secure.

If it makes you more mentally secure, then good

You have a NAT Router, (you know, a box that gives out private
addresses like 192.168.0.2) and a NAT router provides fairly good
protection .

The windows firewall is good too, particularly if you're not running
as administrator.

You can browse safely with just a windows firewall and not using
internet explorer. And not running as administrator

If you're not adventurous in your browsing, you could get away with
using internet explorer
And if you don't run as administrator whilst installing programs willy
nilly, or browsing adventurously in IE (which can install programs
too), then you can get by securely too.






 
Reply With Quote
 
 
 
 
jameshanley39@yahoo.co.uk
Guest
Posts: n/a
 
      10-02-2007
On 2 Oct, 06:49, "(E-Mail Removed)"
<(E-Mail Removed)> wrote:
> On 1 Oct, 19:55, (E-Mail Removed) wrote:
>
>
>
>
>
> > Hi,

>
> > Having set up a basic small home network with a PC (hardwired via an
> > ethernet cable to a Netgear Router and a laptop connected wirelessly
> > to the router), I need some advice on internet and network security.

>
> > The laptop runs Vista and the PC has XP on it. I use AVG Anti Virus
> > and Zone Alarm Firewall (both the free versions) which have worked
> > very well. AVG works fine within a network set up, but I had to switch
> > off Zone Alarm to ensure that I could access the PC files from the
> > laptop.

>
> > Without the Firewall, I am obviously concerned about security when
> > using the internet.

>
> > Can anyone provide any advice on the best way to set up security on
> > both machines.

>
> > Regards

>
> > WAL

>
> if you're really concerned.
>
> don't run as administrator.
>
> don't use internet explorer
>
> since you're using zonealarm.. you actually don't have to turn it off,
> you can set it to allow file sharing. How to do that is another
> matter. To do it yourself you'd have to
> a)find out what ports your file sharing uses
> b)find out how to allow that on your LAN
>
> Or you could just find out how to tell zone alarm to allow all LAN-LAN
> traffic through.
>
> That's the logic. Somebody that uses zonealarm would know. But you
> probably won't find many people using zonealarm here.
> You could try a more zonealarm specific forum likehttp://forums.zonealarm.com/zonelabs/board?board.id=AllAboutPorts
> orhttp://www.tek-tips.com/threadminder.cfm?pid=924
>
> The issue with zonealarm , why it's not popular is often discussed in
> comp.security.firewalls , a newsgroup where a bunch of fairly
> knowledgeable idiots try to have a discussion. A favourite pass time
> for them is saying commercial software firewalls are rubbish. If you
> read through a dozen threads on it you'll get an idea of the issue.
> The idiots tend to write one line and get into arguments because they
> aren't clear, but they repeat themselves the whole time in each
> thread, same arguments e.t.c. Bunch of lemmings they are, they
> shouldn't be allowed to vote. You can browse that newsgroup via
> google.
>
> The main point though, is that even if they criticise ZA, their better
> alternative is not using ZA. They don't claim ZA makes the system less
> secure.
>
> If it makes you more mentally secure, then good
>
> You have a NAT Router, (you know, a box that gives out private
> addresses like 192.168.0.2) and a NAT router provides fairly good
> protection .
>
> The windows firewall is good too, particularly if you're not running
> as administrator.
>
> You can browse safely with just a windows firewall and not using
> internet explorer. And not running as administrator
>
> If you're not adventurous in your browsing, you could get away with
> using internet explorer
> And if you don't run as administrator whilst installing programs willy
> nilly, or browsing adventurously in IE (which can install programs
> too), then you can get by securely too.- Hide quoted text -
>
> - Show quoted text -


You can't run 2 software firewalls , like ZA and the WFW

Installing ZA will no doubt disable the WFW and may stop you enabling
it. If you could enable it while running ZA then it may be
problematic. Crashes maybe.

ZA will do everything WFW does (blocking incoming), and more(blocking
outgoing), though there is disagreement about how useful the 'more'
is.

WFW does have a weakness ZA doesn't, that it is quite a common target
by malicious websites and if you're running as administrator they can
take it down. They could take down ZA in theory, but it's not as
targetted and prob more difficult.

The windows firewall in vista may be able to block outgoing, I haven't
tried. But the one in XP can't. I was writing more with the win xp
firewall in mind. But the arguments apply more-or-less.

This issue is only academic really.

Follow the advice i mention in the previous post.






 
Reply With Quote
 
jinxy
Guest
Posts: n/a
 
      10-02-2007
On Oct 2, 1:57 am, "(E-Mail Removed)"
<(E-Mail Removed)> wrote:
> On 2 Oct, 06:49, "(E-Mail Removed)"
>
>
>
>
>
> <(E-Mail Removed)> wrote:
> > On 1 Oct, 19:55, (E-Mail Removed) wrote:

>
> > > Hi,

>
> > > Having set up a basic small home network with a PC (hardwired via an
> > > ethernet cable to a Netgear Router and a laptop connected wirelessly
> > > to the router), I need some advice on internet and network security.

>
> > > The laptop runs Vista and the PC has XP on it. I use AVG Anti Virus
> > > and Zone Alarm Firewall (both the free versions) which have worked
> > > very well. AVG works fine within a network set up, but I had to switch
> > > off Zone Alarm to ensure that I could access the PC files from the
> > > laptop.

>
> > > Without the Firewall, I am obviously concerned about security when
> > > using the internet.

>
> > > Can anyone provide any advice on the best way to set up security on
> > > both machines.

>
> > > Regards

>
> > > WAL

>
> > if you're really concerned.

>
> > don't run as administrator.

>
> > don't use internet explorer

>
> > since you're using zonealarm.. you actually don't have to turn it off,
> > you can set it to allow file sharing. How to do that is another
> > matter. To do it yourself you'd have to
> > a)find out what ports your file sharing uses
> > b)find out how to allow that on your LAN

>
> > Or you could just find out how to tell zone alarm to allow all LAN-LAN
> > traffic through.

>
> > That's the logic. Somebody that uses zonealarm would know. But you
> > probably won't find many people using zonealarm here.
> > You could try a more zonealarm specific forum likehttp://forums.zonealarm.com/zonelabs/board?board.id=AllAboutPorts
> > orhttp://www.tek-tips.com/threadminder.cfm?pid=924

>
> > The issue with zonealarm , why it's not popular is often discussed in
> > comp.security.firewalls , a newsgroup where a bunch of fairly
> > knowledgeable idiots try to have a discussion. A favourite pass time
> > for them is saying commercial software firewalls are rubbish. If you
> > read through a dozen threads on it you'll get an idea of the issue.
> > The idiots tend to write one line and get into arguments because they
> > aren't clear, but they repeat themselves the whole time in each
> > thread, same arguments e.t.c. Bunch of lemmings they are, they
> > shouldn't be allowed to vote. You can browse that newsgroup via
> > google.

>
> > The main point though, is that even if they criticise ZA, their better
> > alternative is not using ZA. They don't claim ZA makes the system less
> > secure.

>
> > If it makes you more mentally secure, then good

>
> > You have a NAT Router, (you know, a box that gives out private
> > addresses like 192.168.0.2) and a NAT router provides fairly good
> > protection .

>
> > The windows firewall is good too, particularly if you're not running
> > as administrator.

>
> > You can browse safely with just a windows firewall and not using
> > internet explorer. And not running as administrator

>
> > If you're not adventurous in your browsing, you could get away with
> > using internet explorer
> > And if you don't run as administrator whilst installing programs willy
> > nilly, or browsing adventurously in IE (which can install programs
> > too), then you can get by securely too.- Hide quoted text -

>
> > - Show quoted text -

>
> You can't run 2 software firewalls , like ZA and the WFW
>
> Installing ZA will no doubt disable the WFW and may stop you enabling
> it. If you could enable it while running ZA then it may be
> problematic. Crashes maybe.
>
> ZA will do everything WFW does (blocking incoming), and more(blocking
> outgoing), though there is disagreement about how useful the 'more'
> is.
>
> WFW does have a weakness ZA doesn't, that it is quite a common target
> by malicious websites and if you're running as administrator they can
> take it down. They could take down ZA in theory, but it's not as
> targetted and prob more difficult.
>
> The windows firewall in vista may be able to block outgoing, I haven't
> tried. But the one in XP can't. I was writing more with the win xp
> firewall in mind. But the arguments apply more-or-less.
>
> This issue is only academic really.
>
> Follow the advice i mention in the previous post.- Hide quoted text -
>
> - Show quoted text -


Is there not a firewall based within the router also? I think so.-J

 
Reply With Quote
 
jameshanley39@yahoo.co.uk
Guest
Posts: n/a
 
      10-02-2007
On Oct 2, 1:30 pm, jinxy <(E-Mail Removed)> wrote:
> On Oct 2, 1:57 am, "(E-Mail Removed)"
>
>
>
>
>
> <(E-Mail Removed)> wrote:
> > On 2 Oct, 06:49, "(E-Mail Removed)"

>
> > <(E-Mail Removed)> wrote:
> > > On 1 Oct, 19:55, (E-Mail Removed) wrote:

>
> > > > Hi,

>
> > > > Having set up a basic small home network with a PC (hardwired via an
> > > > ethernet cable to a Netgear Router and a laptop connected wirelessly
> > > > to the router), I need some advice on internet and network security.

>
> > > > The laptop runs Vista and the PC has XP on it. I use AVG Anti Virus
> > > > and Zone Alarm Firewall (both the free versions) which have worked
> > > > very well. AVG works fine within a network set up, but I had to switch
> > > > off Zone Alarm to ensure that I could access the PC files from the
> > > > laptop.

>
> > > > Without the Firewall, I am obviously concerned about security when
> > > > using the internet.

>
> > > > Can anyone provide any advice on the best way to set up security on
> > > > both machines.

>
> > > > Regards

>
> > > > WAL

>
> > > if you're really concerned.

>
> > > don't run as administrator.

>
> > > don't use internet explorer

>
> > > since you're using zonealarm.. you actually don't have to turn it off,
> > > you can set it to allow file sharing. How to do that is another
> > > matter. To do it yourself you'd have to
> > > a)find out what ports your file sharing uses
> > > b)find out how to allow that on your LAN

>
> > > Or you could just find out how to tell zone alarm to allow all LAN-LAN
> > > traffic through.

>
> > > That's the logic. Somebody that uses zonealarm would know. But you
> > > probably won't find many people using zonealarm here.
> > > You could try a more zonealarm specific forum likehttp://forums.zonealarm.com/zonelabs/board?board.id=AllAboutPorts
> > > orhttp://www.tek-tips.com/threadminder.cfm?pid=924

>
> > > The issue with zonealarm , why it's not popular is often discussed in
> > > comp.security.firewalls , a newsgroup where a bunch of fairly
> > > knowledgeable idiots try to have a discussion. A favourite pass time
> > > for them is saying commercial software firewalls are rubbish. If you
> > > read through a dozen threads on it you'll get an idea of the issue.
> > > The idiots tend to write one line and get into arguments because they
> > > aren't clear, but they repeat themselves the whole time in each
> > > thread, same arguments e.t.c. Bunch of lemmings they are, they
> > > shouldn't be allowed to vote. You can browse that newsgroup via
> > > google.

>
> > > The main point though, is that even if they criticise ZA, their better
> > > alternative is not using ZA. They don't claim ZA makes the system less
> > > secure.

>
> > > If it makes you more mentally secure, then good

>
> > > You have a NAT Router, (you know, a box that gives out private
> > > addresses like 192.168.0.2) and a NAT router provides fairly good
> > > protection .

>
> > > The windows firewall is good too, particularly if you're not running
> > > as administrator.

>
> > > You can browse safely with just a windows firewall and not using
> > > internet explorer. And not running as administrator

>
> > > If you're not adventurous in your browsing, you could get away with
> > > using internet explorer
> > > And if you don't run as administrator whilst installing programs willy
> > > nilly, or browsing adventurously in IE (which can install programs
> > > too), then you can get by securely too.- Hide quoted text -

>
> > > - Show quoted text -

>
> > You can't run 2 software firewalls , like ZA and the WFW

>
> > Installing ZA will no doubt disable the WFW and may stop you enabling
> > it. If you could enable it while running ZA then it may be
> > problematic. Crashes maybe.

>
> > ZA will do everything WFW does (blocking incoming), and more(blocking
> > outgoing), though there is disagreement about how useful the 'more'
> > is.

>
> > WFW does have a weakness ZA doesn't, that it is quite a common target
> > by malicious websites and if you're running as administrator they can
> > take it down. They could take down ZA in theory, but it's not as
> > targetted and prob more difficult.

>
> > The windows firewall in vista may be able to block outgoing, I haven't
> > tried. But the one in XP can't. I was writing more with the win xp
> > firewall in mind. But the arguments apply more-or-less.

>
> > This issue is only academic really.

>
> > Follow the advice i mention in the previous post.- Hide quoted text -

>
> > - Show quoted text -

>
> Is there not a firewall based within the router also? I think so.-J-


often, yes, it's a box that has a router function, and firewall
function, and does NAT.

I think the packet hits the NAT first, and NAT blocks all incoming
unless you set port forwarding..

What use then is the firewall?

Well, it can also block outgoing, but the benefits and usage of this
is a debated thing. Of course, if you're benefiting from blocking
outgoing, it's because you're already compromised. It can help prevent
things getting worse for you, and moreso, it can help protect other
people from your now potentially malicious machine. But if you block
one tcp port&ip, malware could find another, it's a game of cat and
mouse - by concept. Conceptually, you can block all incoming
connections and still browse the net. But if you block all outgoing,
you can't even browse the net. . Those that block outgoing may screen
packets going out , I think this looking anywhere in the packet is
called DPI, one could identify what it is and isn't.

But this is less for a technical home user or idiot end user, and more
for a network administrator in charge of a bunch of idiot end users.
Blocking outgoing is a game of cat and mouse - by concept. i.e. even
if the implementation is perfect. Whereas blocking (all) incoming,
conceptually it's perfect, so the only hole there could be in the
implementation, like a bug that can be exploited by an incoming
packet.






..

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Accessing higher security level from higher security level nderose@gmail.com Cisco 0 07-11-2005 10:20 PM
Going from higher security level interface to lower security interface- HELP!!! - AM Cisco 4 12-28-2004 09:52 PM
IT-Security, Security, e-security COMSOLIT Messmer Computer Support 0 09-05-2003 08:34 AM
How secure is the security from my security form? Aaron Java 1 08-04-2003 06:16 PM
MCSA: Security MCSE: Security question Rick Sears MCSE 0 07-29-2003 08:02 PM



Advertisments