SmallNetBuilder Forums
#11 - 02-05-2013, 08:38 PM - stevech

Your sensitive data on TrueCrypt volumes... If you're like me, those volumes are not open/mounted except when I'm doing work with the files. So the thief gets nada.

#12 - 02-05-2013, 11:36 PM - vnangia

Quote:
Originally Posted by stevech
Your sensitive data on TrueCrypt volumes... If you're like me, those volumes are not open/mounted except when I'm doing work with the files. So the thief gets nada.

Fair point... but I think there are multiple categories of data - confidential, private, who-cares; I mean, even the family photos could go onto a TrueCrypt volume, but it would be at ridiculous computational cost. Seems to me that a better strategy would be to make it more difficult to break in, no?

And none of that still addresses my stupidity - for example, accidentally triggering the installation of the Flashback Trojan on my Mac, because I need to have Java installed for certain work applications.

To wit, I've already taken your excellent suggestion on rechecking the ports both inbound and out on the router and I'm putting together a network map to figure out how machines need to and do not need to talk to each other with the view of splitting up the network with VLANs, as recommended by STX and Tim in the discussion above. I'm still not sure whether that addresses my concerns about accidentally bringing a plague of locusts, but we are basically following all of the steps recommended by Krebs here, with the exception of NoScript which makes life nigh impossible on the modern web - try selecting the charts on SNB, for instance.
__________________

---
"Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning." -Richard Cook

#13 - 02-06-2013, 01:13 AM - stevech

Viruses, spyware, accidental deletion...
I store data on the NAS, not the PCs.
I image the PC disks every week or so, to the NAS.

The one time I got a bad virus/malware I couldn't eliminate, I just roll in the last image or partition backup. I now have these two backups automated on PCs, using Acronis (I've tried most all, and such as it is, Acronis is the best, IMO).

My main PC - has an SSD boot disk (120GB) and a 160GB mechanical disk. Again, I store no data on these, only the OS and programs.
I use Acronis to clone the 120GB to the 160GB quite often. I don't use the 160GB. Worst happens, I just clone the 160 back to the 120. This has saved my rear more than once. Cloning is better than partition imaging, by far, at the cost of a dedicated drive.

Last edited by stevech; 02-06-2013 at 01:17 AM.

#14 - 02-26-2013, 02:20 PM - rquared

Quote:
Originally Posted by vnangia
I suppose the more relevant question is, does it make sense to invest in a SOHO/SMB-class UTM appliance to replace my consumer router - is that the right tool to prevent myself from accidental stupidity and a potential light attack from the kinds of people who hacked Honan last year? (By which I mean script kiddies with preassembled tools rather than a nation-state with an army, more than the precise nature of the attack.) I suppose I'm aiming more for deterrence rather than anything else.
Sophos has a free UTM for home use that is awesome. Astaro UTM Home User version has everything (well, almost) that corp America has and is fairly straightforward. Untangle also has a product I've used for over a year, but just recently switched to Astaro due to the completeness of the offering. I can't recommend it enough for doing exactly what you're talking about! You will need a system with two NICs, but they are cheap. Personally I use an Atom Supermicro server with ESXi installed and Astaro as a VM. Works flawlessly!

Wanna dig deeper and get real geeky, check out Security Onion.

Hope that helps.

#15 - 04-13-2014, 09:44 AM - vnangia

Forgive me for resurrecting an old thread, but I'd have to post what would be a pretty much identical thread name.

I'm in the market for a new (wired) router, as it turns out my existing E4200 is vulnerable to (and because of some unusual internet behaviour perhaps WAS breached by) the infamous Linksys TheMoon malware. As a stopgap, I'm moving to DD-WRT but I'd really appreciate any advice now on a replacement router / UTM device.

My requirements are relatively modest - we have about 45-50 networked devices, including full-fledged computers and servers, phones, tablets and networked gadgets (examples would be IP cameras, the Nest thermostat, Fitbit Aria). Our primary internet connection is through Verizon's 75/35 FiOS service but I'd also like to have a second WAN port, as we have a backup network connection for when the FiOS headend goes down as it is wont to in the summer. I'd also like to have the capability to segregate devices using VLANs and ideally retire the RasPi that's been acting as a VPN endpoint for when I'm on the road. I've been looking at the following devices, as a consequence, with some of my thoughts:

-Linksys RV042G (unsure about performance, brand name ownership worries)
-Mikrotik Routerboard RB2011UiAS-IN (unbelievable price/performance ratio, impossible to buy in the US)
-Ubiquiti EdgeRouter PoE (difficult to set up, hard to buy in the US)
-Zyxel Zywall USG20 (dislike paying for an ongoing subscription)

I'm leaning towards the Mikrotik if I can ever find it for sale, but I'd like to wrap up and buy something in the next couple of days. Any advice appreciated.