Security

Post by **corpse** » Sun Oct 09, 2005 7:11 am

Just curious:

I'm wondering if there is a huge difference in security between these 2 systems or just a little.

1) Internet connection hooked into a router and then into the computer.

2) Internet connection hooked into a computer with an OS and nothing else and then that computer into a router and then another computer with programs and stuff behind the router.

Post by **Tormentius** » Sun Oct 09, 2005 7:29 am

The second sounds pretty pointless from a security perspective. Instead of having both workstations somewhat protected behind the router one is left completely open.

Post by **+JuggerNaut+** » Sun Oct 09, 2005 9:39 am

#1

#2 is just as torm says - pointless and a waste of a box.

Post by **Foo** » Sun Oct 09, 2005 12:49 pm

Depends entirely what you mean by 'an OS and nothing else'. Operating Systems are not equal, and there are Linux dedicated firewall/routing builds out there which provide enterprise-level firewall capabilities.

Post by **+JuggerNaut+** » Sun Oct 09, 2005 5:05 pm

Foo wrote:Depends entirely what you mean by 'an OS and nothing else'. Operating Systems are not equal, and there are Linux dedicated firewall/routing builds out there which provide enterprise-level firewall capabilities.

no offense Corpse:

he seems to have problems getting around XP. no way is he talking about any kind of linux distro for an OS.

i agree though, that WOULD be an option if configured correctly and you had a spare box laying around. i've done it with Mandrake and even through a couple of live distros for fun.

Post by **corpse** » Mon Oct 10, 2005 1:30 am

Tormentius wrote:The second sounds pretty pointless from a security perspective. Instead of having both workstations somewhat protected behind the router one is left completely open.

I understand that, but I thought it would protect my 'real' computer better. I guess I should have asked about using a proxy instead.

Post by **Tormentius** » Mon Oct 10, 2005 1:39 am

corpse wrote:
Tormentius wrote:The second sounds pretty pointless from a security perspective. Instead of having both workstations somewhat protected behind the router one is left completely open.
I understand that, but I thought it would protect my 'real' computer better. I guess I should have asked about using a proxy instead.

A proxy is an unnecessary level of complication. Put all PCs behind the router and let it do what it does best.

Post by **corpse** » Mon Oct 10, 2005 3:17 am

OK thanks for the thoughts.

Post by **Foo** » Mon Oct 10, 2005 3:59 am

corpe, my personal take on internet security is the following:
The most essential tool is a software-based firewall. But you have to know how to use it to be truly secure.

Hardware and Software firewalls accomplish different goals. Hardware firewalls use the ports on your PC and the generic types of network data to determine what is and is not allowed. Software firewalls on the other hand look at other factors like the application which is sending and receiving the data, and where it's being sent/where it's coming from.

Also one final point: The only way your PC gets attacked/infected is if there's something on your PC which is vulnerable. If there is nothing vulnerable on your PC, there's no need for a firewall of any kind. Unfortunately, this is an impossible pipedream... new vulnerabilities are found in all operating systems and applications daily. But one point that can be taken from this fact is that you're better off keeping everything up to date (patched), running the latest virus scanner and running it regularly, and being selective about the nature of data you download (warez, porn, .exe), and the sources you obtain data from.

I hope the blob of text above makes sense. It's 5AM, in my defence

Post by **corpse** » Mon Oct 10, 2005 5:14 am

It does, thanks