How secure is my network?

Discussion in 'Mac Basics and Help' started by joelovesapple, Dec 6, 2008.

  1. joelovesapple macrumors 6502a

    joelovesapple

    Joined:
    Sep 25, 2006
    Location:
    UK
    #1
    Hi there,

    I just wondered how secure my network is, if I described it briefly...

    Basically we have 3 computers on this network - 2 Macs and 1 PC (plus an iPod Touch). All are up to date with patches.

    Then we have a Thomson Speedtouch router with a built in firewall and stealthed ports. I know this by going on www.grc.com Shields UP!. WPA2 encryption with long password, intrusion detection is also activated. Password protected.

    1 software firewall on each computer, AVG suite free on PC with Spybot search and destroy, Windows defender and updated defs every mid week. I also use a Zonealarm Forcefield which works well. I have tightened up the preferences in Safari, Firefox and IE respectively on all machines.

    Both Macs are stealthed too in System Prefs, as well as having all security features turned on. I also have an AEBS hooked up for N connections in bridge mode, which I also assume has a firewall even when operating in that mode? This is connected to the Thomson via ethernet.

    Obviously all user accounts are passworded as well and none run as Administrator. I also forgot to add that our IP is dynamic.

    Just wanted to know how hardened I am against an attack?

    Thanks! We hardly have any trouble but I was wishing for an outside view please. :)
     
  2. trainguy77 macrumors 68040

    Joined:
    Nov 13, 2003
    #2
    is the AEBS encrypted as well? If so it sounds good to me.
     
  3. joelovesapple thread starter macrumors 6502a

    joelovesapple

    Joined:
    Sep 25, 2006
    Location:
    UK
  4. trainguy77 macrumors 68040

    Joined:
    Nov 13, 2003
    #4
    Your set then you don't have anything to worry about.
     
  5. ChrisA macrumors G4

    Joined:
    Jan 5, 2006
    Location:
    Redondo Beach, California
    #5
    OK, seriously now - Firewalls don't do anything for the above kind of attack where they trick the user into doing one thing when he thinks he is doing something else. The above would actually work for some people and it by-passes any network security anyone might have.

    About firewalls. Their only purpose is if a computer on your network s misconfigured. For example why block port X if none of the computers on your network are accepting connections on port X. Same oes for rnning firewal on the computer and the router. Why? We do it because a computer might be misconfigured. But firewalls do nothing to stop the above kind of attack (trojans) or even the ttypical e-mail virus
     
  6. joelovesapple thread starter macrumors 6502a

    joelovesapple

    Joined:
    Sep 25, 2006
    Location:
    UK
    #6
    Well I don't think I'm quite that thick, dude. :rolleyes:

    And you're lucky I did not see your apparent 'offending content'...

    :rolleyes:
     
  7. belvdr macrumors 603

    Joined:
    Aug 15, 2005
    #7
    Agree here.

    Do not agree here. There's little overhead to running a general firewall, and blocking all ports except those needed. So, why waste time worrying over port by port, when you can block them all quickly?

    Also, a computer need not be misconfigured, but have ports needed for the internal network but not the external. Active Directory and/or File Sharing comes to mind when a web server is attached to it. You don't want the file shares or AD ports open, when you only want external visitors to see TCP 80.
     
  8. belvdr macrumors 603

    Joined:
    Aug 15, 2005
    #8
    To note, no firewall is there when configured this way. This puts all ports onto one VLAN so there's no routing and there's no firewall between the ports.
     

Share This Page