Re: LAN Security
From: Karl Levinson [x y] MVP (jamescagney90210@excite.com)
Date: 10/19/02
- Next message: Karl Levinson [x y] MVP: "Re: Switch Security"
- Previous message: Karl Levinson [x y] MVP: "Re: Message Services"
- In reply to: WillieC: "LAN Security"
- Next in thread: NeoSadist: "Re: LAN Security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Karl Levinson [x y] MVP" <jamescagney90210@excite.com> Date: Sat, 19 Oct 2002 10:31:29 -0400
"WillieC" <williec00@hotmail.com> wrote in message
news:6d4601c276e6$6cd02090$37ef2ecf@TKMSFTNGXA13...
> I am the new network admin for a small business with 2
> Win2K Servers (only one AD and it is PDC emulator), one
> Small Business Server 4.5(BDC) and about 25 workstations.
> I just accepted this position and there is NO security on
> the network. We have internet access running through a
> VINA router. The router is 10.0.0.1 and that is my
> gateway for all computers. Can anyone suggest a security
> approach? I don't know a lot about firewalls but from
> what I gather it needs to sit on a machine that is the
> router and gateway. I need an inexpensive, yet secure way
> to monitor and lock down the network. PLEASE HELP!!!
There's a lot to learn to make a network secure.
Inexpensive firewalls include Linksys, Netgear, Netscreen, or you can
download and build your own linux / BSD firewalls that boot from a single
boot floppy or CD on an old 486 PC, such as ClosedBSD, IPCop, Smoothwall,
Gibralter, etc. Those would be free. The firewall would probably go behind
your router though that would require some changing of IP addresses and
subnets on your router [unless you set up a linux firewall to be a
transparent bridged firewall / ethernet bridge, which doesn't require IP
address changes]. Linux may sound scary to someone not familiar with it,
but some of the solutions mentioned are menu or GUI software aimed at SOHO,
home users and beginners.
You also want to secure the machines on your network. All
service packs and patches installed, configured using one or more hardening
checklists
such as the ones at www.microsoft.com/technet/security and www.nsa.gov etc,
antivirus that downloads updates daily, run vulnerability assessment scans
such regularly such as MBSA from www.microsoft.com/download and the free
languard network scanner from www.gfi.com, you might also want to enable
logging and auditing, use a file change checker like Languard file integrity
checker [free] at www.gfi.com under the white papers section, etc etc.
- Next message: Karl Levinson [x y] MVP: "Re: Switch Security"
- Previous message: Karl Levinson [x y] MVP: "Re: Message Services"
- In reply to: WillieC: "LAN Security"
- Next in thread: NeoSadist: "Re: LAN Security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
