Security Basics mailing list archives
Re: Setting up secure windows xp network
From: James Taylor <james_n_taylor () yahoo com>
Date: Thu, 29 May 2003 17:54:53 -0700 (PDT)
Anna, If you go down the Zone Alarm route use..... http://forums.zonelabs.com/zonelabs "but found out that I couldn't set my internet connected network card to be in the Internet Zone, the NAT wouldn't work. The only way it would if it was placed in the Medium Zone" This sounds very odd, it will normally detect it out of the box. If you used Zone Alarm Pro (the $49 version?) then it will do that. You do *not* have to set the bar to Medium for the Internet Zone and it is not reccommended. On the gateway machine, where ZA is installed, you will also need to add any external servers you use i.e. IP & port to the trusted zone e.g. your mail provider. This will allow machines internally to access those services (to pick up and send mail). By default it should also allow the basic web surfing service, but if not, once you start to surf on one of the machines, ZA will detect these outgoing packets and and a box will pop up asking if you want to allow x service (e.g. port 80) to be allowed to connect to x.x.x.x? Say yes. In the advanced tab for the 'Internet Zone' there should already be a tick in the box 'Allow outgoing DNS requests' (or something like that). It does work, really. Regards & Good Luck. James --- SML <sml () ukf net> wrote:
I'd like to thank everyone for their input. I've tried several different configurations over past several days. I didn't like ICS with Windows own firewall. So I went to ZoneAlarm Pro, but found out that I couldn't set my internet connected network card to be in the Internet Zone, the NAT wouldn't work. The only way it would if it was placed in the Medium Zone. I wonder how secure it is this way? Am I too paranoid? :) Then I learned about Kerio WinRoute Firewall which in fact consist of NAT and Firewall all in one. Can anyone share their thoughts about it. I mean how good or bad it is in all aspects. I'm going to try the trial version today. Regards, Anna -----Original Message----- From: Lachlan McGill [mailto:Lachlan.McGill () au logical com] Sent: Tuesday, May 27, 2003 4:30 AM To: 'SML'; security-basics () securityfocus com Subject: RE: Setting up secure windows xp network As a very simple method, you can try just blocking ports on the network card level in its TCP/IP properties. This is very simple and also not necessarily the most secure. You should be able to get some success with third party apps such as Nortons, Mcafee and Zone Alarm. Its just a matter of configuring them properly to suit your setup. -----Original Message----- From: SML [mailto:sml () ukf net] Sent: Friday, 23 May 2003 12:57 AM To: security-basics () securityfocus com Hello list. I'm in the process of securing Windows xp prof network, consisting of 5 computers. We use "workgroup" configuration. Also the computers are conected to internet through windows 2000 gateway computer with 2 network cards, where one card connects to ADSL router. NAT software is in place on the gateway. I'd much appreciate if somebody could point me to the internet recourses, or give advise on how to make the most of windows own security features, policies etc. Also what software firewall could we use on the gateway, since after trying norton and mcaffe firewals, we couldn't access the intrenet. Thanks, Anna
---------------------------------------------------------------------------
Thinking About Security Training? You Can't Afford Not To! Vigilar's industry leading curriculum includes: Security +, Check Point, Hacking & Assessment, Cisco Security, Wireless Security & more! Register Now! --UP TO 30% off classes in select cities-- http://www.securityfocus.com/Vigilar-security-basics
----------------------------------------------------------------------------
---------------------------------------------------------------------------
----------------------------------------------------------------------------
__________________________________ Do you Yahoo!? Yahoo! Calendar - Free online calendar with sync to Outlook(TM). http://calendar.yahoo.com --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Setting up secure windows xp network SML (May 22)
- RE: Setting up secure windows xp network Manuel Fernandes (May 23)
- <Possible follow-ups>
- Re: Setting up secure windows xp network Chris R (May 23)
- Re: Setting up secure windows xp network Kenzo (May 26)
- Re: Setting up secure windows xp network m g (May 23)
- RE: Setting up secure windows xp network Lachlan McGill (May 27)
- Re: Setting up secure windows xp network Danny (May 28)
- RE: Setting up secure windows xp network James Taylor (May 28)
- Setting up secure windows xp network SML (May 29)
- Re: Setting up secure windows xp network James Taylor (May 30)
- RE: Setting up secure windows xp network wjnorth (May 29)
- Re: Setting up secure windows xp network Chris Berry (May 29)