RE: Protecting Multiple Public IP Workstations

["Preston, Tony" <Tony.Preston () acs-inc com>]

I have a linksys router and have a question...  It has a minimal port
filtering capability.  I block a couple of ports (135-139, 445), and
wondered what would be a suggested list of ports to block traffic based on
known virus/trojans.

Tony Preston
Systems Engineer, AS&T Inc.
Division of L3 Corporation
(609) 485-0205 x 181


-----Original Message-----
From: Paul Kurczaba [mailto:paul () myipis com] 
Sent: Friday, February 27, 2004 7:52 PM
To: MATT GIBSON; security-basics () securityfocus com
Subject: Re: Protecting Multiple Public IP Workstations

First of all, it's never a good idea to assign public IP's to workstations
on a networked environment (this type of environment is a hackers wish come
true). If you are not hosting services on all six IP's, you can buy a
$100-$150 firewall/router at compusa (I would recommend Linksys or Netgear).
Most have 4 or 8 ports. If the firewall/router you buy only has 4 ports,
also pick up a 4 port switch (it's about $50-$70). If you need all 6 IP's
(for hosting HTTP, FTP, SMTP, etc.), you should probably get a CheckPoint
FW-1 or a Cisco PIX. Also, if you havn't already bought the Win2k server, I
would suggest Server 2003 instead. It takes less than 10 seconds to boot,
the OS is faster, and more secure than 2000.

just my $0.02

-Paul Kurczaba


---------------------------------------------------------------------------
Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN,
wireless security

Protect your network against hackers, viruses, spam and other risks with Astaro
Security Linux, the comprehensive security solution that combines six
applications in one software solution for ease of use and lower total cost of
ownership.

Download your free trial at
http://www.securityfocus.com/sponsor/Astaro_security-basics_040301
----------------------------------------------------------------------------