Doug,
Changing/adding a password and changing the name of the network is
more than 90+% of the population can be bothered to do these days
-which is what makes them so susceptible...
NAT and firewall are a good start - I'm somewhat on the paranoid side
(being a life-long IT type guy) and I'm aspiring to implement a system
similar to the DISA's HBSS (Host Based Security Solution) that gets
deployed to all ADP assets in the DoD...
The way that my setup works is that the hub (a relatively dumb device,
by networking standards) is inserted between the ISP and the router -
since the ISP delivers my broadband connection as a pure Ethernet
drop, I can use the hub to connect another machine in, before the
router level, and "sniff" all of the traffic going back and forth.
Using a product like Wireshark (free software, highly recommended,
been using it for years), I can look at all of the traffic that's
leaving my network as well as what's coming in from the ISP. See
where data is coming from, where it's going... full transparency of
all of the data going back and forth as well as the content. By
dumping all of this over to a second machine that acts as a simple
recording and analysis system, I can track hacking attempts, attacks,
etc. and report them as needed.
--- A
"InfoSec - it pays to be paranoid..."
On Fri, Jul 4, 2014 at 7:38 AM, doug <douglasrankine2001@xxxxxxxxxxx
<mailto:douglasrankine2001@xxxxxxxxxxx>> wrote:
Hi Andrew,
Tx for the information...I had a look at the url you provided> I
didn't really understand all this techy stuff and it is nice to
have it explained in a language I can understand. I have, on a
number of occasions looked at my router, but I must say, apart
from securing it with a password and changing the name of the
network, I am frightened to touch any of the settings in the
router in case I screw things up, so I leave it at the default
position.
I have a wireless router and a home network, and a number of
devices such as computers, tablets, mobile phones and a printer
and a back up disk which are connected to it on occasion. I
understand that the home network and the one connected to the ISP
are separated by a NAT or firewall which is supposed to protect my
home network from outside intrusion.
What would be the benefit of putting in traffic analysis software
and what kind of software would you recommend, and where would I
put it...in my computer or on the phone line...In this area we
have poor broadband width anyway so downloads and uploads are very
slow.
ATB
Dougie.
On 03/07/14 19:34, Andrew Hornback wrote:
Ryan,
Good points, but I think this might explain part of my tactic -
http://www.asante.com/support/routerguide/faqs/hardwared.html
Understanding the differences between hubs, switches and routers
is paramount to starting to understand TCP/IP...
--- A
