Protecting a local area network in a home or small office is relatively easy. You can sit down in front of each computer to check its security settings, and you can stroll down the hallway and see exactly who's using each computer on the network. But all that changes as soon as you connect your network to the Internet.
Unless you carefully consider security when configuring your Internet connection, you could end up inadvertently extending the borders of your local area network far beyond those you intended. In a worst-case scenario, where your Internet connection is inadequately protected and you haven't installed the latest security patches for Microsoft Windows, a stranger from halfway around the world could join your network, which would then no longer seem nearly so local. Given enough time and motivation, an attacker from the outside could poke around in confidential data, sabotage files, or hijack your connection and use it as a launching pad for attacks on other Internet hosts.
As we explain in this chapter, you can choose from a wide range of options for connecting your local network to the Internet. Cost and complexity are the two considerations that most people focus on first, but we believe security should be at the top of your list.
Security Checklist
--------------------------------------------------------------------------------
Here's a list of steps you should be sure to take in securing your network's Internet connection.
Add a router or residential gateway to your network, or use Internet Connection Sharing. Either solution uses Network Address Translation (NAT) to hide your local computers from the outside world and thereby increase your network's security.
Disable file and printer sharing on your Internet connection.
Add a personal firewall to protect your Internet connection from outside attacks. If you have Windows XP, the Network Setup Wizard performs this task automatically.
If you have a router that doesn't support Universal Plug and Play (UPnP), look for a UPnP-compatible firmware upgrade or consider replacing the hardware.
Set a strong password on your router.
Disable access to Web-based administrative tools from the Internet.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment