Making a home network secure

Discussion in 'Networking and Computer Security' started by Atom, Jan 9, 2010.

  1. Atom

    Atom Geek

    Likes Received:
    0
    Trophy Points:
    6
    I posted this on another forum and got one suggestion, to consider using a cd based os which would be impervious to attack. I think bootup from cd would be slow and updates would be a pain so I'm reposting my question here to see what other ideas to consider.

    Here it is:

    I have a home network consisting of 4 computers; 2 wired and 2 wireless. I have never encountered any security issues or viruses, but a recent road trip and one other incident are causing me to rethink my security measures. One of the computers is relatively new (running Vista) and on a recent road trip it became infected with a fake alert virus. I have no idea how this happened, but I suspect it was acquired while using a hotel network. The other two networks I used while traveling were ones where the only other computers were Macs and both of them were using wireless security.

    Two of my computers are older and I only use them for browsing and email. They are old so I'm using minimal OS to make them perform at an acceptable level, and I don't want to add things like antivirus software which will slow them down. I've been running this way for a while and without windows firewall and have not had any problems. Even if these two computers get infected it's not a concern because there isn't much on them that I would be afraid of losing.

    One of the computers is for business and has lots of information I would not want to lose. Important files are backed up weekly, but there is other information that I don't want compromised. The other incident which I referred to above was being notified by a web based company I do business with that their files had been broken into and in all likelihood my credit card number was in someone else's possession.

    So here is my question. How can I maintain my network with the 4 computers, two of which have minimal or no security features and make sure that nothing can get from the two vulnerable ones to either of the other two?
     
  2. BoBBYI986

    BoBBYI986 Geek

    Likes Received:
    1
    Trophy Points:
    18
    Hi for all your machines make sure you use a firewall and Antivirus, I will recommend using Comodo firewall/antivirus without a doubt best free firewall/antivirus ive ever used.

    And for your wireless, I would recommend using WPA2 on your router and a SHA-1 hash calculated password. just type in SHA-1 hash calculator on google and you can encrypt your passphase into SHA-1. Also enable MAC filterings on your router if it's available.
     
  3. Anti-Trend

    Anti-Trend Nonconformist Geek

    Likes Received:
    118
    Trophy Points:
    63
    Macs don't generally get viruses, as they have better security by design than Windows. But if you really care about security, consider migrating to Linux. It's fast, light, and doesn't need an antivirus.
     
  4. Atom

    Atom Geek

    Likes Received:
    0
    Trophy Points:
    6
    I presently do all the browser work I can on a Ubuntu machine. It is a roughly ten year old Dell notebook and it performs quite nicely running Chrome. But that's all I use it for.

    Thanks for the feedback.

    tom
     
  5. RHochstenbach

    RHochstenbach Administrator

    Likes Received:
    26
    Trophy Points:
    48
    Actually Macs get usually hacked the quickest during the famous hacking challenges. But Macs don't get viruses often because they mostly are designed for Windows only. Even the firewall of OS X is disabled by default.

    But Linux is much safer because it can by modified in any way possible. Thought there was a distro that was designed specifically for security, but I don't recall its name at the moment.
     
  6. Anti-Trend

    Anti-Trend Nonconformist Geek

    Likes Received:
    118
    Trophy Points:
    63
    In some, yes. In others, second to the usual suspect. But with the built-in security features turned on, it's not bad.

    There are a lot actually. :) For example, 3 off the top of my head:

    http://annvix.org/
    http://www.engardelinux.org/
    http://www.openwall.com/
     
  7. HardwareHunter

    HardwareHunter Geek Trainee

    Likes Received:
    3
    Trophy Points:
    0


    Comodo is definitely a good suggestion I agree with you on that one.
     
  8. Atom

    Atom Geek

    Likes Received:
    0
    Trophy Points:
    6
    I don't understand this statement. Are you saying that MS is more constrained in the ways in which they can change windows to prevent attacks? If that's true, why do I have to put up with all these friggin updates? Don't people just attack Windows because it's the establishment.

    tom
     
  9. Anti-Trend

    Anti-Trend Nonconformist Geek

    Likes Received:
    118
    Trophy Points:
    63
    I don't understand his statement either, but I'll give my $0.02 on the underlying topic. Linux is secure because its a UNIX-like system, which was designed to be multi-user from the ground up. This means that good user-privilege separation isn't just a feature, it's part of its core design. Windows is a mess in this regard, and security has never been a high priority for Microsoft.

    To answer your question, MS software is attacked constantly because it's a) widely used and b) very insecure. These hacked Windows boxes become part of larger botnets, which can then be used as tools for a variety of nefarious purposes.
     
  10. RHochstenbach

    RHochstenbach Administrator

    Likes Received:
    26
    Trophy Points:
    48
    Like anti-trend already said, UNIX is more secure. To clarify my statement, Linux can have a custom kernel. You throw away all the unnecessary junk and therefore limit the options that hackers use to gain access to the system. That can't be done with Windows.

    And furthermore, Windows gets patches on every 1st tuesday of the month. So if there's a vulnerability on the 1st wednesday of the month, users need to wait at least 1 month (29-30 days) before the next patches appear on Windows Update and hopefully there's a fix for that vulnerability.
     
  11. donkey42

    donkey42 plank

    Likes Received:
    9
    Trophy Points:
    38
    while it is possible to use a Live CD to take care of security a far better way to handle it with a Linux router which is just an old system with an OS like IPCOP / Pfsence or one already mentioned by AT, IPCOP seems to be the preferred choice as it now hosted on sourceforge, so the chances are that you will receive more support with IPCOP if you have problems

    BTW: i´ll soon be building my Linux router but i just cant decide whether to build a cutom kernel, build xfree or XORG or build a Linux router
     
  12. HardwareHunter

    HardwareHunter Geek Trainee

    Likes Received:
    3
    Trophy Points:
    0
    Yes i really agreed your idea , linux and mac os is nice os, it is free from virus and easy to use. Linux can be download as free. I like that.
     

Share This Page