Internet, Home Network And VPN...

[StateofSecurity]

Hi I have Been Trying For Sometime Now To Setup A VPN With A Friend... We Both Run XP Pro And Both Have A 2mb Cable Connection.. He runs A Network Through A proxy Server And I run A Network Through A linksys Router... I think this Seems To Be Unsafe On One Single Local Area Connection Because Of To Many Open Ports... My Question Is Will This Type Of Network Be easilly Compromised By Hackers? And If So How Can I Prevent It?

[meister]

i don't think it matters wether there is a router and a router in your vpn network. the connection is encrypted. even is somebody installs a packet sniffer or uses an exploit to access one open port he cannot read nor edit the data send within the vpn.

[NeuTron]

Originally posted here by StateofSecurity
I think this Seems To Be Unsafe On One Single Local Area Connection Because Of To Many Open Ports... My Question Is Will This Type Of Network Be easilly Compromised By Hackers?

The question you should ask yourself is how much of a target are you. There is only so far a cracker will go to try and compromise your network when there is very little to show for it in the end. If this is truly a home network with trivial data on it, you are probably pretty safe. While a linksys router is not the most secure device on earth, it does take time to break through. If the reward does not justify the time required to penetrate your network, then you can probably feel pretty safe about it. The VPN is even another layer of security that compounds the time needed to gain entry. If the cracker is as impatient as I am, as many are, you most likely have nothing to worry about, that is unless you are storing nuclear launch codes and/or Oracle source code.

-NeuTron

[OverdueSpy]

It's not quite as simple as the information being encrypted and WALLA you are protected. Encryption doesn't do a bit of good if your system has been compromised with a trojan that can, sniff your VPN headder traffic, access files on your hard drive, and log your keystrokes, capturing your password. Even a virus can potentially spread over the VPN connection.

Don't get me wrong VPN is a good start, but that does not make your system secure. You need to use layred defenses. What those defenses are depends on what information you are trying to protect and how much money you are willing to spend. A basic security design encompases using the following: Router, Firewall, Filtering, Proxies, Anti-virus, Intrusion detection, spyware detection, and encryption just to name a few.

There some excellent information in the tutorial section here on these and other topics. I suggest you read them, which will help bring you up to speed on how to properly secure a network.

[lessthanzero]

If this is truly a home network with trivial data on it, you are probably pretty safe.

Safe from what? This is bad advice and makes assumptions that are not based in fact.

The simple truth is that everyone is at some level of risk, irrespective of being corporate or a home user. As well, data is irrelevant (in the context of this discussion mind you). What is relevant is that you have a machine with an internet connection. If you're vulnerable, the probability is conservatively moderate (some may argue 'high') that you'll be exploited.

At the least your machine will get compromised and then left alone. Somewhere in the middle of the scale your machine may become host to a trojan/worm/virus, etc. At the other far end of the spectrum your machine may be used as a jump box or zombie for any number of purposes.

Again, your net worth, public profile, or business status have zero to do with the common, everyday attacker's choice in victimizing your computer. This notion of personifying computer intrusion is non-sense and just plain silly. Get real- your computer is just another IP address that someone is feeding into their point-and-click exploit tool. They don't even care if you're running the right OS for the exploit...

Follow OverdueSpy's advice - he's dead on in what he wrote- and layer your defenses. Be responsible and build up a defense-in-depth posture. Use a firewall, a secure/reliable vpn software, anti-virus, etc.

Relying on any one safeguard gives you a false sense of security which is only marginally better than no security. Worse, thinking your safe because you're running a "home network"...that's just asking for it.

Cheers,
<0