[NTLUG:Discuss] Re: firewall/router to protect M$ box

Leroy Tennison leroy_tennison at prodigy.net
Mon Jul 18 04:57:36 CDT 2005 

Robert Pearson wrote:

>On 7/15/05, tr_data1 <tr_data1 at ev1.net> wrote:
>  
>
>>...[snip]...
>>If your main box was/is Linux, would you still have a separate machine
>>for the firewall/router? I have a k6/233 not being used right now but
>>it doesn't seem worth the elec$/heat/space expense vs running on my
>>main box. What are the advantages? I can't imagine such a task would
>>consume much ram/cpu/disk. Right? Or is it a matter have having all
>>the ports, etc more tightly controlled on the firewall/router box?
>>    
>>
>
>Take a look at the DFWUUG Wiki site---
>
>http://www.dfwuug.org/wiki/Main/SOHOProtectStrategy
>
>At the bottom of the page under the heading " Enterprise-like SOHO
>Protect Strategy"
>are two Strategies for SOHO Security---
>
>    * Technology Investor-Harry Newton Jan072005
>    * Web Informant-David Strom Jan102005 
>
>My SOHO starts with a Linksys DSL/Router/4 port switch with NAT. 
>I have used this DSL/Router on both DSL and Cable without problem.
>Maybe I have just been lucky.
>I started my SOHO with Windows 2000 and now it is all Linux, SuSE 9.x
>and FC4, with Windows 2000 dual booted for legacy apps on a couple of
>machines.
>
>In addition, each Windows 2000 machine has always had the free
>ZoneAlarm software firewall and Norton (Symantec) AntiVirus before I
>retired. The Norton cost has been replaced with free Grisoft AVG
>(free.grisoft.com). I have been very happy with Grisoft AVG.
>
>I do updates 2-3 times a week and a complete scan once a week on all
>Windows machines.
>None of the Windows machines receives email. I use Gmail.
>
>My brother is on a dialup line and lost his Windows 98 machine to a
>virus, which I believe came from an infected file. Could have been
>email. He had stopped updating his McAfee AntiVirus because it wasn't
>free anymore.
>He lost his entire Windows XP machine to an Internet based virus.
>Microsoft has supposedly fixed this now.
>
>I run the built-in firewall software on all the Linux machines and
>they are all behind the Linksys NAT router. I am probably just lucky.
>I don't know enough to know if I am protected or infected from
>Intrusion-ware.
>
>Stand-a-lone firewalls are more important if you use Linux servers for
>Web and email. I run peer-to-peer and use external Gmail. Take a look
>at xcssa.org for firewall starter info.
>
>Back of these you may need to look at Spyware and Ad-ware detection
>and removal software for the Windows machines.
>
>Another good thing to look at is using "dd" to make backup images of
>your Windows machines to your *nix machines. This enables quick
>restores.
>
>I have the OS, Apps and User Data physically segregated on all my
>machines. There is no permanent User Data on an internal disk. All
>User Data is stored on external USB and FireWire drives and replicated
>with "rsync" to at least two drives. Historically important but
>unused, or very low use, Information is put on a CD, or DVD now.
>This is very useful when Windows machines take a hit in the OS
>partition. My Windows 2000 OS partition is sized at 6 GB but only
>about 3.5-4 GB is used. That is a much faster restore than 10-20 GB of
>OS, Apps and User Data. It also boots and runs faster.
>
>"dd" and "rsync" are two of the best friends I have ever had.
>
>Hope this helps some,  Robert
>
>_______________________________________________
>https://ntlug.org/mailman/listinfo/discuss
>
>  
>
Idid do some looking around, any particular part of the site?

More information about the Discuss mailing list