Securing Your Home Network - Page 2
OK, lets make this a little more difficult. Lets say that the Smiths neighbor, Mr. Jones, has four PCs all networked together. To make it interesting, they are not all Windows machines; lets run some flavor of Linux/UNIX as well. Heck, lets run more than one flavor! Weve got Red Hat and FreeBSD, Windows NT, and Windows 95. Yikes! Now what does our Mr. Jones do?
Fear not -- there are more than a few ways to approach this, with only basic differences among them. And again, they can come reasonably cheap. First, Mr. Jones has to decide which of these machines will handle the role of gateway/firewall. The cheap way is to let one of the Linux machines face the outside world, because there are so many good, FREE security programs available for Linux. In fact, one of them -- IPCHAINS -- is even built into the kernel on many current versions of Linux. Red Hat 6.2 includes it, for example.
If you go the Linux route, in addition to running IPCHAINS you could also install a firewall. Some firewalls are available free for personal (but not commercial) use (www.firewall4linux.com), and others are available commercially. Youll need to look at the features, price, availability, ease of installation, and so forth, before you decide which is right for you.
If Windows is to be the gateway, the idea is the same, but the average price may go up on the software. On the other hand, finding what you need and setting it up will probably be easier.
|"The main point about anti-virus software is that you have to keep it up-to-date."|
Once the firewall is in place, youll still want to have your anti-virus software handy. This shouldnt add any cost--you already had it, right? The main point about anti-virus software is that you have to keep it up-to-date. Old anti-virus files arent very good for new and previously unknown viruses. You might want to think about updating the anti-virus every two weeks or so. Also, for the truly paranoid, additional software can be added that will detect changes to critical files, check for any security holes, send warnings, or take action in case someone should manage to sneak past the front lines. Once again, this isnt necessarily an expensive proposition. Several books on computer security include CDs with samples of such programs. One such book is "Halting the Hacker: A Practical Guide to Computer Security," but there are many other books that also include security software on CD.
Of course, our Mr. Jones may choose to be more exotic in his solution. He might add a filtering router as the gateway and install firewalls on all of his PCs. He might buy a hardware firewall as the gateway and still install firewalls on all his PCs. He could also set up vastly complex trust relationships across his equipment, and so on. For most of us though, just the basics will do nicely.
Secret Decoder Rings
A great method for another added level of security is the use of encryption. Several tools are available to assist in encrypting; one of the most common is PGP Desktop by NAI (www.nai.com) software. The PGP desktop software provides a quick and easy way to provide high levels of encryption to email, files, network connections and more. PGP is also freely downloadable from MIT (Web.mit.edu/network/pgp.htm l), only for personal use. As always, please pay attention to the conditions spelled out in the licensing.