Page 2 of 2 FirstFirst 12
Results 11 to 15 of 15

Thread: Question About Network Security

  1. #11
    AO Veteran NeuTron's Avatar
    Join Date
    Apr 2003
    Posts
    550
    A bit of advice, easy on the caps lock(its the same as screaming). Also, dont make multiple posts in a row. You should condense them into one single post. Now for your question,

    If you want free apps I would recommend AVG for Antivirus Link. As for Firewall, you have a lot of choices but Kerio seems to be one of the better free options. Link.

    -NeuTron

  2. #12
    Custom User
    Join Date
    Oct 2001
    Posts
    503
    If it's a network and you have enough money to have a network admin, I don't think you should be installing software firewalls on the machines. Generally it's cheaper and "better" for you to have one firewall acting as a gateway for all your machines. For one thing, it means that all the machines share the same firewall rules, and for another, it means if you want to update the firewall to block something or allow something, you only have to change your gateway.

    I'm not going to say that hardware firewalls are better than software firewalls, etc...but I don't think you should have individual firewalls for each machines, and a machine running as a dedicated firewall and gateway is probably going to be more expensive and more hassle than a hardware firewall/router would be.

    So before you say that the guy is a nutter, ask him what the setup is. Ask him what his reasons for saying that you don't need firewalls/antivirus software, and check out if you do have a firewall at the gateway. He may have had a reason.

    ac

  3. #13
    Originally posted here by cacosapo
    reasons:

    a) without a firewall and an a/v you cant survice 20 minutes on internet
    b) same as a
    c) same as b
    d) if you use e-mail ( i bet that you use outlook) you can get a lot of malware and destroy all usefull data on your hard disk.

    but:
    i) you dont have a internet/external connection (inclunding thru network) AND
    ii) your computers doesnt have floppy, cd or usb connections and
    iii) you have no way to bring any file to your network

    so you dont need an a/v nor a firewall
    Oh, cut the bullshit, uneducated and ignorant comments aside, the guy is not crazy and probably has the system set up securely enough for what he thinks is necessary.

    Let's consider why someone might not install software firewalls nor AV's. First, both AV's and firewalls are usually high resource hogging programs that slow down the network computers tremendously (look at Norton Corporate). Second, for a software firewall to work correctly, the user on the computer must be competent enough to understand how to configure the firewall and operate its policies, thus many networks use hardware firewalls, which like gothic said, usually are cheaper because no licenses have to be bought. Third, AV is not a necessity at all, depending on how the admin has setup user policies. If a user has enough restrictions placed on him, an AV will do nothing more than suck the computer's resources like a cheap hooker.

    And as for your ignorant a) comment, I have a personal computer running Apache 2 with no firewall nor AV. This computer serves as both a server and my daily use PC (word processing, renders, and coding) and at the time of writing this, the uptime is about 2.5 weeks (give or take a day or two).

  4. #14
    PHP/PostgreSQL guy
    Join Date
    Dec 2001
    Posts
    1,164
    IMHO, the only real way to secure a network inside an office region would be to follow the steps below:

    1: configure the bios for each machine to be the same. No USB (not many businesses actually *need* USB and packaged compaq/hp/dell comps still use PS/2 mice/keyboards), no floppy (not only do you remove the ability to have bootsector viruses but you also remove that level of data transfer and circumvention), things like that. Lock the bios with a strong password. They should never get into it anyways, and if a machine has to be replaced, you know the drill and routine to follow.

    2: install the OS. Assuming XP Pro or 2000 Pro, both can be configured and fully patched. Set up policies so that the single user account on the machine can't do anything short of running the few programs they're allowed to. If it's a linux desktop, even better, but I doubt that, so I won't even go into that.

    3: remove all indications of Outlook, OE, and IE. Replace them with updated versions of anything else, whether it's Mozilla, Netscape, Firefox (woot!), Thunderbird (mail client for Firefox), or Opera. By replacing these, the business now isn't *as* vulnerable as those that use MS-only products.

    4: buy a site- license for Ad-Aware Professional which allows for remote scanning so any IT staff can schedule and run network scans.

    5: make sure Office 2000/XP is installed and patched, etc. I don't like using Office anything, but it's the defacto for offices.

    6: install a hardware firewall and an antivirus program of your choice (do your homework) on your email server. Scan everything coming in and going out, regardless. Limit size of downloaded files to something reasonable, like 1mb. Nothing business-related larger than that should be sent over the wire, ever, and personally, I'm sick of those 13mb whatever.mdb or 1.9mb foo.xls things that get to be sent...talk about trashing the line for a while.

    7: spend a good few hours perfecting this setup.

    8: make an image for ghosting purposes.

    Doing the above allows you to have a relatively locked-down image that doesn't allow the user to do anything except what they're allowed. Sure, it's a bit more detailed than that, but until people start using linux as a viable desktop a lot more, extra effort will always be required for securing Windows-based machines. Not saying that linux out of the box is secure; far from it. But by default, it's a lot better than a windows installation out of the box.

    There's a lot more and end users in the end will still be "end" users and not ever get educated to the level they need to be. That's probably the biggest security risk right there. Programs I can fix, exploits I can report and deny, but nothing can be done (generally) with a happily-ignorant user who won't listen because they think being twice my age means they don't have to.
    We the willing, led by the unknowing, have been doing the impossible for the ungrateful. We have done so much with so little for so long that we are now qualified to do just about anything with almost nothing.

  5. #15
    Instead of relying on AV and definitions of what is already a known and a detectable threat, he may have policies over what type of changes are made to the box. He could have a program similiar to hijackthis! and regprot, have various methods of checking the integrity of files other files that programs like hijackthis generally ignore. Rarely login as as admin or root unless serious changes are needed. Tweak around with things properly, turn off what is not needed.

    He could also have a sniffer that is not only watching over things & loging them but also droping traffic... as far as I've seen FW software have never been as configuerable... yet alone open source as all these sniffers out there. He might also even have an almost subgenius method of handeling the checksums and logs...

    Look around you for a moment, it is all of the end-users out there that have AV and FW programs doing 80% of the work for them yet time after time it is proven that sometimes that's just not enought... well why is that? Well most computers get owned because of vulnerabilities which most often this is poor design and configuration & lack of updateing from a user, the fact that most home users login as admin and have no policies over what goes on, people just plain don't know or care about the little changes here and there in their systems behing their back, oh and all this stems from sheer stupidity.

    All you've provided about the situation is ("He doesn't have an AV or FW software therefore he is a ****in' dumb-ass") you would be surprised how many important servers out there that don't have Anti-viral or firewall software installed on them for performance issues.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •