On 11 Sep 2005, at 12:56, John Gay wrote:
> Well, I've got a Ripwave modem for internet access until Irish
> Broadband can
> setup my 2M link, which is then plugged into a U.S.Robotics Wireless
> router
> which is then networked to my Linux box, my Daughters old WindowsXP
> box and
> providing a wireless link for her new laptop.
Your duaghter gets a new laptop, and you're getting a shiny dual
Opteron, and from Peats at that? Lottery, dead relative, or new job (in
declining order of lucrativity :-) )
> My question is, how worried should I be about security?
Somewhat.
> The Ripwave offers nothing concerning password setup
The Ripwave as such is not a problem.
> and I haven't dug too deeply into U.S.R. docs about this.
This is where you need to do some configuration.
> On the WindowsXP box I've run Ad-Aware and clamAV
Always a good idea on Windows.
> Norton AV software since it ran out, but I haven't run anything yet on
> the
> laptop.
If it's also running XP, also install Ad Aware, and maybe SpyBot Search
and Destroy, and some anti virus - ClamAV or AVG Free.
> I am thinking at the very least I should setup some kind of password
> for the
> wireless router to keep the casual user from strolling near the house
> and
> surfing on my broadband
Enable WEP or preferably WPA on the router. Be aware that WEP is now
completely insecure against the determined attacker, but it still
provides protection against casual attackers. You could also restrict
access to your router by MAC address. Again, not going to stop the
determined attacker, but it does provide yet another layer of
protection against casual attackers.
> and possibly peeking inside our PC's when they're on.
Do you run anything on your PCs which lets people "peek inside" them?
> But what about attacks from the Internet side from IB?
Unless you have set up some kind of port forwarding on the U.S.R.
router your internal systems should be safe from internet attack, as
they are not reachable from the world. Mind you, it has not been
unknown for such little router devices to have e.g. configuration
interfaces visible to the world via some oddball port. Googling for
your particular device would be a good idea.
> My previous setup used a Smoothwall box for Internet access which
> provided my
> peace of mind. Now I'm not so sure?
Well, you're now using the U.S.R. box in place of the smoothwall box.
Same principles apply. I'm sure you could also use the Smoothwall box
with the Ripwave device, and use the U.S.R. router only to do the
wireless part, if you're more comfortable with the Smoothwall box.
Niall
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
