Security Basics mailing list archives
Re: Internet Cafe
From: "Nick Shapley" <nick.shapley () ntlworld com>
Date: Fri, 17 Jan 2003 21:43:08 -0000
Linux is the way to go. I use Squid to throttle certain downloads on my network. If you haven't already found it, check out http://www.tldp.org/HOWTO/Bandwidth-Limiting-HOWTO/ As for monitoring, you could even use something like snort to alert you of both external and internal threats. Make sure NTFS permissions are set on the W2K boxes (and use them!) and limit them to save to only to a network drive. You can set Linux up with the latest Samba and it will act as a W2K DC (the clients can't tell the difference!), another think to mention is that it might be worth using some form of imaging software, such as Norton Ghost to distribute the clients, especially when patching etc. Regards, Nick ----- Original Message ----- From: "Matti Haack" <m.haack () haack-it de> To: <security-basics () securityfocus com> Sent: Friday, January 17, 2003 11:56 AM Subject: Re: Internet Cafe
Anyways, anyone got any suggestions/comments on what I really have to look out for? I'm thinking it should be reasonably secure, but in places like this you always have the added risc of people wanting to damage the OS/system or use it as a place from which to attack others.Install a personal firewall. (www.kerio.com) I suggest kerios Personal firewall for some reasons: - You can create a policy file on one maschine and copy it to all the others - The Firewall administration can be looked down with a password - It calculates MD5 Chekcsums for all used applications, so that you can't rename a forbidden aplication to a allowed and pass the firewall with this. - It knows trusted adress groups, maybe to allow some more network Traffic inside your cafe (for games etc.) Allow only IE and whatever you like to allow for your customers. Switch off learning mode, set a password. So noone can use newly installed Internet Software like Kazaa or a massmailer. with best regards Matti Haack - Matti Haack - Hit Haack IT Service Gmbh Neuburger Strasse 35, D-94032 Passau +49 851 50477-22 Fax: +49 851 50477-29 http://www.haack-it.de
Current thread:
- Internet Cafe Ferry van Steen (Jan 15)
- RE: Internet Cafe Nicko Demeter (Jan 16)
- Re: Internet Cafe Matti Haack (Jan 17)
- Re: Internet Cafe Nick Shapley (Jan 17)
- RE: Internet Cafe b4rtm4n (Jan 21)
- <Possible follow-ups>
- RE: Internet Cafe Terry Peterson (Jan 16)
- Re[2]: Internet Cafe Marc Cuypers (Jan 17)
- RE: Internet Cafe Jason Burzenski (Jan 17)
- RE: Internet Cafe Jason Dixon (Jan 20)
- Re[2]: Internet Cafe Malte von dem Hagen (Jan 21)
- Re: Internet Cafe Igor D. Spivak (Jan 21)
- RE: Internet Cafe Stephen A. Santos (Jan 17)
- RE: Internet Cafe DeNoyer, Rick (Jan 17)
- RE: Internet Cafe Ogden, Earl (Jan 17)
(Thread continues...)