what else can i do to improve security on my network and computer?
I have installed trend micro virus 2007, enabled windows firewall, installed a program to wipe my cache, and encrypt all my files with 256 bit encryption. what else can i do to improve my privacy and security on my computer. I was also wondering if there is a way to protect my wireless network more than i am right now than just with the pass key?
I have a two year old Sony VAIO notebook with windows vista home premium, and a seven year old dell desktop running XP hime SP2.
I meant to say XP Home SP2
Disable the Guest Account and Administrator account on your computer. Create an account with Administrative privledges and give it a complex password. Use an account with restricted or Power-User privileges.
Turn on WEP and WPA on your wireless router, provided you are using wireless.
If you can, setup your router to block all wireless MAC addresses except the one of your laptop.
Give the router a complex password.
Setup the router to port forward to all un-needed open ports to a non-existant IP on your network.
Try to use sites with secure logins. “https://”
Try to have many complex passwords as you can.
NETWORK WIRELESS SECURITY
I assume that you have other working computers on your network, and that you have a wireless router.
Access your router configuration:
open ie in the address bar type 192.168.1.x to login to your router (x=the ip address of your router, generally 0 or 1)
look for the mac address table, it is possible that it has been configured to only allow certain mac addresses (only those listed) and none other.
Ensure wireless is turned on in the router configuration.
Verify that the encryption type and key are the same for both the wireless adapter and router.
This being true:
Start, Run, type CMD, type IPCONFIG /ALL
the description of your ethernet adapter will include the mac address (looks like this xx-xx-xx-xx-xx-xx).
Write down the mac address and program it into the router mac address table.
Note: the router ip address will also be shown as the default gateway.
Good Luck
Firstly sorry about the length of this.
Security is all about layers. By the sounds of it at present your layers are as follows.
Router:
basic nat security.
Computers:
Windows basic firewall,
trend antivirus.
There are a lot of things you can do to beef up security.
The easiest thing to do is look at the layers. For example if your computer gets a virus trend can’t pick up, ie one written specifically for you, or a fairly new one, and this virus makes a connection out to the internet the windows firewall and the basic nat firewall on your router will let it. This can be negated somewhat by not logging onto the computers as administrator, but there are still viruses that don’t care.
Best bet is to get an active firewall on the clients, that would replace the windows firewall. Zonealarm is fairly good and free, or Kerio personal firewall. These will monitor every program and process that tries to connect to the internet. But you should disable the windows firewall, otherwise the windows firewall may block zonealarm and vice-versa.
Another step to take on the computer side of things would be to add a second non-active scanning antivirus, for this I recommend clamwin http://www.clamwin.com
Clam is free, won’t stop other antivirus from working, and is usually the first to find a new virus. Keep it up to date and scan any file you download with it, before you run it.
Next on the clients, updates, updates, updates. Keep your Windows up-todate with microsoft updates. Over 80% of viruses are negated by an update. Keep your antivirus(es) up to date, as they can’t find viruses they don’t know about. Keep your firewall up to date, as althought it can block threats it doesn’t know about, it does a better job updated. Another thing to do on windows is go into start and run type services.msc and look at what is running, look into what you need and disable services you don’t. This will require a bit of research, but if a service in there has a security flaw, and it is activated even if you aren’t using it, it could be exploited.
Next layer up from the computers is the network.
First thing to look at is who has physical access to your network. If you are running wireless, run wpa at a minimum. Wep has been proven to be able to be cracked in minutes even by an amateur with free tools available on the internet. As another step you can plug your wireless into a seperate network and run a Virtual Private Network(VPN) across it to really secure it, but WPA is enough.
Also look at who can plug into your network, can a roomate sit on your network and sniff packets, if so run IPSEC to encrypt all data on your network.
Next put in a dedicated firewall, something like a cyberguard sg300 that has statefull packet inspection(SPI) and intrusion detection (IDS). Or if you are on a budget look at openwrt or smoothwall or ipcop. This firewall will act as your second line of defense beyond your router. If your router is compromised they will then have to compromise this to get in. If you are running and IDS on here you will know as soon as they attempt to get into this second line.
Now on your router, turn off any features you don’t need. Don’t forward ports anywhere that you don’t need, forwarding means they are an open path into your network. If it has remote administration turn it off. And update it to the latest firmware available from its manufacturers website.
So by the end of all this your layers will be as below.
Router:
basic nat security.
Firewall
SPI, IDS, port blocking.
Computers:
Active firewall, blocking incoming connections and outgoing programs.
trend antivirus.
Clamwin antivirus
Thats about it, bear in mind though, if someone gets physical access to your computer there is nothing you can do so the next step is to beef up your home/office security.
You should surely try this http://www.google.com/custom?hl=en&ie=ISO-8859-1&oe=ISO-8859-1&client=pub-4633310462021467&channel=9170675625&cof=FORID%3A1%3BGL%3A1%3BLBGC%3A336699%3BLC%3A%230000ff%3BVLC%3A%23663399%3BGFNT%3A%230000ff%3BGIMP%3A%230000ff%3BDIV%3A%23336699%3B&q=computer+networking&btnG=Search
there are some resorces related to your Query.
I hope that helps.
Regards
Abhinav