Sunday, March 22, 2009

Network Security

I'm back after having reconfigured my home network.

The network now boasts a dedicated firewall machine, with a DMZ. The firewall runs on Linux (free downloads) and has IDS/IPS (intrusion detection/intrusion prevention) in place. There are two separate routers for two subnets. Each router has its own firewall as well, and each PC has a software firewall with IDS/IPS running.

I admit my Linux skills are enough to get me in trouble. Thank The Lord there are tutorials all over the web. For my evaluation of some of the packages that require a pre-installed Linux package, I chose to run Mandriva Linux.

I eventually chose a package that I could manage with my weak Linux skills. I also checked out Firestarter, ZorpGL, Turtle, LutelWal, FloppyFW, IPCop, LinuxLiveCD, and Trustix. All of these packages are free.

Each of these firewall packages will run on that old Pentium I or 486 you've got sitting, unused, in a closet or corner. A couple, like LinuxLiveCD and FloppyFW, do not even need a hard drive. ZorpGL had a bit more of a learning curve than I was willing to devote time to. LutelWal was developed in Poland, and the author is looking for someone to help him do the Polish to English preparation of the documentation, so I was unable to devote the time to hacking around trying to figure out everything. Trustix looked promising, and I think I will migrate to it at a later date.

After testing out different packages, I settled on SmoothWall. SmoothWall, also free, requires a hard drive and a CD drive. I'm running it on an old Dell Pentium I based machine. The package seemed to be the easiest, and quickest, for my needs. SmoothWall will overwrite the entire hard drive in the machine you intend to use as a firewall. There is no need to pre-install Linux as with a couple of the other packages.

Just be aware of that when planning.

I use swappable boot drives in my personal PC (I say this because there are a number of PCs here). I have several drives, each with an installation of XP on them. One is used for "normal" activities (like posting here), and the others for "abnormal" activities (like visiting hacker sites). This is similar to the product I use. This way there is less chance of contamination. In addition to which, when I set up a drive with all of the software I intend to use, I make a Ghost Image. If something should happen, I simply write over the drive with the image.

The particular PC that I use is running "on-the-fly" encryption thanks to the folks over at SecurStar. This is the product that I am using for my boot drives. I also have the 1344 bit version for external data drives.

I also use a software firewall on my PC called Outpost Security Suite. They offer a free thirty day evaluation of the software. This software is what alerted me to the fact that someone from an IP address linked to the Army was attempting to gain access to my PC.

There was another interesting piece of software that I ran across out there. It may be the solution for the folks who may not want to set up a dedicated Linux firewall machine. I tried it out, and if you're running a wireless network, this may be a must-have for you.

Lan-Secure offers a group of products designed to secure a network. It can actually stop a rogue machine from becoming part of your network. Security Center Lite ran fine on my XP machine and effectively shut out every other machine on my network until I gave them permission. They have their products available for free thirty day trials as well.

I am also using Firefox as my browser, and Thunderbird as my e-mail client, both of which are more secure than their Microsoft counterparts.

One of the most insidious of all hacks that plague PCs is the "keylogger". There is a product available that works with Internet Explorer and Firefox that scrambles all key strokes. QFX Software makes a product called "Keyscrambler". They make a "personal" (free) version available for download at CNET. This will help secure you if you are transacting any personal business via the web.

In Firefox, I have also loaded such plugins as "NoScript", "Finjan Secure Browsing (also works in IE)", "Distrust", and "TrackMeNot". Additional Firefox plugins can be located here.

Some additional steps that can be taken to protect you if you have an "always on" internet connection are as simple as shutting down your machine, and disabling the "remote assistance" and "remote desktop" features in Windows. If you must leave your machine on, disable the LAN connection, or unplug your modem or router when you aren't actively online.

Make sure your operating system is up to date. If you're running a Microsoft OS, visit GRC, and test out your system's security.

To be quite frank, I'm not sure exactly what caused certain elements to become interested in my systems or online activities. I admit to frequenting hardware and software hacking sites, most of which are overseas in The Former Soviet Republics, although there have been forays into sites located in China and some Islamic States, as well as a number located in Western Europe.

Recently, I've been downloading a number of "how to" manuals on unconventional warfare in an effort to build a library to share with everyone. It would save all of us having to tread the same ground. It is a collection of military manuals, and things written by "people in the know", so hopefully it may prove to be useful.

It's nice to know that our government cares, isn't it?


Bullseye said...

Catman, welcome back buddy, we missed you. Security is something I need more of on my system too, been getting some unwanted visitors. LOL Thanks for the info and looking forward to the "how to's".

Rhino said...

Catman, you lost me on the first paragraph, I am NOT a computer wiz but I will check out some of the stuff you have listed, thanks for the info.


Anonymous said...

Welcome back, Catman, You've been missed. Don't really understand everything you said but I'll give it a try.

HermitJim said...

Sounds like some good information! Thanks, my friend!

Nice to have someone watching out for us!

Shy Wolf said...

Welcome back, Catman! Great to know you're still with us. Thanks for the links, too- I'll be checking them out in an attempt to reconfigure my old Dell HD to Linux- my kid's been pushing that at me really hard.