Overclock.net › Forums › Software, Programming and Coding › Networking & Security › Help on securing a personal home network
New Posts  All Forums:Forum Nav:

Help on securing a personal home network - Page 2

post #11 of 18
Quote:
Originally Posted by bratas View Post
Windows Firewall (or any software based Firewall for that matter) is absolute garbage for what OP is needing.

OP I would start with reading the guide in my link, tho it may be a little out of your knowledge at first this is one of the primary reasons I wrote it. Yes for your specific case I would recommend segregating your sis's system into a more protected area of the network, especially given the fact she is performing and retaining financial information on the system. A hardware firewall, specifically UTM may be advisable if it's within your budget (figure about $600-1k). The reason I suggest a UTM is not just for the firewall but also the IPS already built in as many are anomaly-based rather than rule-based IPS. Translation between the 2 based IPS's an anomaly-based IPS will learn what is normal activity and will automatically implement deny's or kill traffic if it is out of normal operation, rule-based is just as it sounds it is based on the rules you implement and requires ****tons more overhead and administration.

Edit
Beers I would not trust the long passphrase
In this instance I also would not recommend this system ever go across wireless.

This should also help determine why you would not want to rely on wireless security, http://www.zdnet.com/blog/hardware/c...-useless/13125
I wanna see a hardware firewall protect you against malicious programs running on your pc creating back doors. Doesn't matter if they're garbage or not its still a layer of protection and there's no use getting a firewall and setting it up wrongly coz then they become garbage. That guides explain the workings of a firewall. A hardware firewall ain't stopping anything that steals your data like infected links etc. They're good for stop intruders hacking in
post #12 of 18
Thread Starter 
router is a hardware firewall...?
Bye Bye 775
(13 items)
 
  
CPUMotherboardGraphicsRAM
i5 2500k @ 4.5GHz ASUS P8P67 PRO MSI GTX 660 Ti Power Edition  2x4gb Ripjaws@1866MHz 
Hard DriveOptical DriveOSMonitor
840Pro 128 | 3xWD Vraptor | 1.5TB Green LG 6X Blu-ray /HD-DVD combo Win7 Ultimate 64bit 2 x U2311H 1920x1080 
KeyboardPowerCaseMouse
Logitech G710+ Corsair HX620 Corsair 600t Logitech G500 
  hide details  
Reply
Bye Bye 775
(13 items)
 
  
CPUMotherboardGraphicsRAM
i5 2500k @ 4.5GHz ASUS P8P67 PRO MSI GTX 660 Ti Power Edition  2x4gb Ripjaws@1866MHz 
Hard DriveOptical DriveOSMonitor
840Pro 128 | 3xWD Vraptor | 1.5TB Green LG 6X Blu-ray /HD-DVD combo Win7 Ultimate 64bit 2 x U2311H 1920x1080 
KeyboardPowerCaseMouse
Logitech G710+ Corsair HX620 Corsair 600t Logitech G500 
  hide details  
Reply
post #13 of 18
Does the format these files are created in support file-level encryption?

I took a class online once in which all the students contributed to the homework assignments. Each student was assigned a portion which was uploaded to the server and all students in the group had access to a final document. However, some students wanted to just copy the work without contributing at all.

So, I decided to encrypt the document and only give students that I knew were contributing the key. The students who were not contributing were able to download the document, but could not read it. They complained to the teacher and he contacted me. I explained what was going on and he gave the students who complained F's on the homework.

I'm obviously a bit out of my depth here, but I think encrypting the actual documents would be a useful layer of security to add. That way if someone magically manages to get through these firewalls and downloads the documents, that individual would still need to decrypt them. For instance, Office 2007 (Word, Excel, etc) can support fairly strong encryption.

http://www.techrepublic.com/article/...atures/6176764
http://www.oraxcel.com/projects/enco...ncryption.html

Quote:
Originally Posted by justarealguy View Post
router is a hardware firewall...?
Kind of, sort of, not really. It is like comparing a moped to a late model Kawasaki Ninja.
Edited by Majestic_Lizard - 6/7/11 at 6:59pm
    
CPUMotherboardGraphicsRAM
Zilog Z80 @ 4MHz Coleco Adam Motherboard 16 KB / 16 colors / 32 sprites (on-board) 64K 
Hard DriveOptical DriveOSMonitor
Coleco Digital Data Cassette Coleco Digital Data Cassette CP/M, BASIC (on tape) CRT Television 
PowerCase
Built into printer Plays All Coleco Cartridges 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
Zilog Z80 @ 4MHz Coleco Adam Motherboard 16 KB / 16 colors / 32 sprites (on-board) 64K 
Hard DriveOptical DriveOSMonitor
Coleco Digital Data Cassette Coleco Digital Data Cassette CP/M, BASIC (on tape) CRT Television 
PowerCase
Built into printer Plays All Coleco Cartridges 
  hide details  
Reply
post #14 of 18
Your router, due to its use of NAT, is already performing many of the functions of a hardware firewall. I'd say that you should make sure your wireless interfaces are secure (use WPA2), and also make sure that the computer in question is running up-to-date antivirus. The biggest threat now is malware that could leak those documents onto the Internet.
SG06
(16 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i5-3570S 65W ASRock Z77E-ITX VisionTek AMD Radeon RX 480 8GB Reference G.SKILL Sniper DDR3-2400 (@ 1866 9-10-10-28) 2x8GB 
Hard DriveHard DriveCoolingCooling
Crucial m4 256GB Toshiba P300 3TB Prolimatech Samuel 17 Noctua NF-F12 
OSMonitorMonitorKeyboard
Windows 10 Pro x64 HP Omen 32" HP Pavilion 27xi Das Model S Professional Silent 
PowerCaseMouseAudio
Silverstone SST-ST45SF Silverstone SG06 Microsoft Intellimouse Realtek ALC898 
  hide details  
Reply
SG06
(16 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i5-3570S 65W ASRock Z77E-ITX VisionTek AMD Radeon RX 480 8GB Reference G.SKILL Sniper DDR3-2400 (@ 1866 9-10-10-28) 2x8GB 
Hard DriveHard DriveCoolingCooling
Crucial m4 256GB Toshiba P300 3TB Prolimatech Samuel 17 Noctua NF-F12 
OSMonitorMonitorKeyboard
Windows 10 Pro x64 HP Omen 32" HP Pavilion 27xi Das Model S Professional Silent 
PowerCaseMouseAudio
Silverstone SST-ST45SF Silverstone SG06 Microsoft Intellimouse Realtek ALC898 
  hide details  
Reply
post #15 of 18
A hardware firewall for 1 pc is a huge overkill. The average home user will be well protected with a software firewall , they are easier to manage and much cheaper in price than a dedicated hardware firewall. Large corporations and schools with big networks use a hardware firewall as they are more cost effective, representing good value for money when defending a large network of computers and not having to pay licensing fees and setting them up all 1 by one

Quote:
Originally Posted by justarealguy View Post
router is a hardware firewall...?
theres not much to configure on a routers firewall and they end up more being a pain than anything else.
Edited by Spooony - 6/7/11 at 6:59pm
post #16 of 18
a router while yes may have ability to deny based on IP, does not look into the packet. A software based firewall while true is cheaper does not protect the network alone. The purpose of a hardware based firewall is to block external threats before they even get to the local machine and Spoony I hate to burst your bubble man, but 1 hardware firewall protecting 1 financial will be worth it's weight in gold. Yes you still want protection on the local machine also. Now before I start ripping into you more for not fully knowing what you are talking about. A UTM has the capabilities of the hardware based firewall, Intrusion Protection system, Anti-virus and multiple other services, of coarse those are licensed services that has to be pd for and why I stated a budget of 600-1k, which is a very small price to pay if your trying to protect multiple thousands of dollars worth of financial data. Even 1 persons personal financial data can be worth 10's of thousands of dollars when dealing with credit.
The Raven
(16 items)
 
  
CPUMotherboardGraphicsGraphics
i7-2600K Gigabyte GA-P67A-UD5-B3 EVGA GTX 570 SC EVGA GTX 570 SC 
RAMHard DriveOptical DriveCooling
16GB G.SKILL Ripjaws X 1866 Samsung 840 Pro  iHAS324 - Lite-On DVD-RW Noctua NH-D14 
OSMonitorMonitorKeyboard
Windows 10 ASUS VN248 ASUS VN248 Logitech G510 
PowerCaseMouse
XFX 850W BE SILVERSTONE RV02B-EW Logitech MX518 
  hide details  
Reply
The Raven
(16 items)
 
  
CPUMotherboardGraphicsGraphics
i7-2600K Gigabyte GA-P67A-UD5-B3 EVGA GTX 570 SC EVGA GTX 570 SC 
RAMHard DriveOptical DriveCooling
16GB G.SKILL Ripjaws X 1866 Samsung 840 Pro  iHAS324 - Lite-On DVD-RW Noctua NH-D14 
OSMonitorMonitorKeyboard
Windows 10 ASUS VN248 ASUS VN248 Logitech G510 
PowerCaseMouse
XFX 850W BE SILVERSTONE RV02B-EW Logitech MX518 
  hide details  
Reply
post #17 of 18
Quote:
Originally Posted by bratas View Post
a router while yes may have ability to deny based on IP, does not look into the packet. A software based firewall while true is cheaper does not protect the network alone. The purpose of a hardware based firewall is to block external threats before they even get to the local machine and Spoony I hate to burst your bubble man, but 1 hardware firewall protecting 1 financial will be worth it's weight in gold. Yes you still want protection on the local machine also. Now before I start ripping into you more for not fully knowing what you are talking about. A UTM has the capabilities of the hardware based firewall, Intrusion Protection system, Anti-virus and multiple other services, of coarse those are licensed services that has to be pd for and why I stated a budget of 600-1k, which is a very small price to pay if your trying to protect multiple thousands of dollars worth of financial data. Even 1 persons personal financial data can be worth 10's of thousands of dollars when dealing with credit.
They are specialized devices, hardware firewalls tend to be expensive, complicated, difficult to upgrade, and tricky to configure. In other words, they are best reserved for IT managers who are specially trained to install, configure, and monitor such devices.

Software firewall can protect a pc just as good. But dont expect much from a free solution firewall. There are very good paid software firewalls and they are also worth gold
post #18 of 18
Quote:
Originally Posted by Spooony View Post
They are specialized devices, hardware firewalls tend to be expensive, complicated, difficult to upgrade, and tricky to configure.

The Coyote hardware (build-it-yourself) firewall utilizes legacy components, and a Linux operating system thus negating a massive cash outlay, purportedly it offers a moderate-to-strong level of protection to whatever it's shielding and is relatively user friendly... I don't see how whipping up a H/F would be overkill think of all the legacy components you'd be recycling


The old FAQ can be seen HERE keep in mind advances have been made in system format



How to build your own network firewall @ Engaget.com

Build your own gateway firewall @ Intrstructables.com

Hardware firewall @ easy-tutorials.blogspot.com

10 things to look for in a hardware based firewall @ Techrepublic.com
Edited by ()ut[@st - 6/9/11 at 12:18am
Leviathan
(13 items)
 
  
CPUMotherboardGraphicsRAM
San Diego 3700+ MSI K8N Neo2 Platinum Gigabyte Radeon 9600XT 128Mb 2Gb Geil Ultra-X DDR400 
Hard DriveOptical DriveOSMonitor
Seagate Barracuda 80Gb SATA Asus DRW20B1LT SATA Dual boot XPpro/Fedora Core 14 19" Acer AL1916W (recapped) 
KeyboardPowerCaseMouse
CompaQ KB-0133 Antec TrueBlue480 (recapped) CoolerMaster Centurion CAC-T01 Logitech M-S34 
  hide details  
Reply
Leviathan
(13 items)
 
  
CPUMotherboardGraphicsRAM
San Diego 3700+ MSI K8N Neo2 Platinum Gigabyte Radeon 9600XT 128Mb 2Gb Geil Ultra-X DDR400 
Hard DriveOptical DriveOSMonitor
Seagate Barracuda 80Gb SATA Asus DRW20B1LT SATA Dual boot XPpro/Fedora Core 14 19" Acer AL1916W (recapped) 
KeyboardPowerCaseMouse
CompaQ KB-0133 Antec TrueBlue480 (recapped) CoolerMaster Centurion CAC-T01 Logitech M-S34 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Networking & Security
Overclock.net › Forums › Software, Programming and Coding › Networking & Security › Help on securing a personal home network