$Home Network=????????? NNSA, huh? Hmmmm...sounds interesting, Sandy. The answer to your question is completely dependant upon the configuration of the home network. We might assume it has an Internet connection, since you've considered ShieldsUP. Is the Internet connection persistent (always up/on)? Does the network have mail, dns, web, or ftp servers. Is the network protected by a firewall? What OS are the hosts running? Are you doing any Intrusion Detection. Are multiple hosts networked via a hub or a switch? Don't reply with the answers, of course. These are all questions you must ask yourself in doing *your own* vulnerability assessment. You don't need no stinking online services, Sandy. If you dig your heels in and do this yourself, when you're done, you'll *know* if it's secure or not. All of the automated tools in the world won't really answer your question, Sandy. They will only serve to lull you into a false sense of security (unavoidable pun). You probably won't like this advice, but if I were you, and your network is exposed to the internet, and you clearly don't know if it's locked down, I'd err on the side of caution & presume I've been compromised. There is really no point in trying to secure a compromised box, right? Unplug, format, reinstall, secure. I'd start here: http://www.spitzner.net/. Before you're done you need to try to find out what vulns/exploits are out there for *everything* you're running. E.g., do you have a web server? If it's Apache, what can the httpd.conf file do for my security? Is OpenSSL installed? What version? What's in the cgi-bin directory? You're not just protecting yourself, you're protecting your fellow netizens. Remember, they don't pop you because they want what's on your boxen, they pop you so they can use you as a launchpad/scapegoat to go after someone else. If they go after the wrong people using *your* equipment...you could have a LOT of explaining to do. I hope this helps. Sandy Turner <sltat_private> To: pen-testat_private cc: (bcc: Martin Wasson/STL/MASTERCARD) 05/26/2003 03:47 Subject: Secure Home Networking? PM Any suggestions on tests to run to judge the security of a home network? There are a number of online port scanning services (e.g. ShieldsUP http://grc.com), as well as the standard Nessus and nmap tools. --------------------------------------------------------------------------- *** Wireless LAN Policies for Security & Management - NEW White Paper *** Just like wired networks, wireless LANs require network security policies that are enforced to protect WLANs from known vulnerabilities and threats. Learn to design, implement and enforce WLAN security policies to lockdown enterprise WLANs. To get your FREE white paper visit us at: http://www.securityfocus.com/AirDefense-pen-test ---------------------------------------------------------------------------- --------------------------------------------------------------------------- *** Wireless LAN Policies for Security & Management - NEW White Paper *** Just like wired networks, wireless LANs require network security policies that are enforced to protect WLANs from known vulnerabilities and threats. Learn to design, implement and enforce WLAN security policies to lockdown enterprise WLANs. To get your FREE white paper visit us at: http://www.securityfocus.com/AirDefense-pen-test ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Tue May 27 2003 - 08:14:25 PDT