I have a small home LAN with two Linux machines and two Win95 boxes. I am connected to the internet by DSL and have a Linksys router to bridge the LAN to the internet. When my LAN was all Windows, I used IPX/SPX as my transport protocol for networking. The router is set to Block WAN Requests as I run no public servers.

Since converting the two boxes to Linux, I need to use TCP/IP as my transport protocol. Of course this has everything listening on Port 139 for local networking requests.

My question: How secure is my local network from internet breaches with my current configuration. With NO port forwarding and DMZ stuff configured for the router, does the Linksys provide me with a suitable firewall to protect my network from outside intruders? www.grc.com shows everything as stealth as I would still expect.

I always felt reasonbly secure with the IPX/SPX setup but I don't know enough about TCP/IP, and UDP and other things to know if I am in over my head.

Thanks for your comments.

Red

From what I understand, you should be OK, but I'm no networking guru.

Your router should be ignoreing all outside requests, only allowing incoming data that you've requested from inside your LAN.

However, if you get a trojan that "phones home" on one of your boxes, I'm pretty sure all bets are off, depending on the capabilities of the trojan.

Hopefully others will have more info...

Dave

Dave,

Thanks for your response to my question. I am hoping others offer the same opinion. I realize I need to reconfigure ZoneAlarm on the Windoze boxes to cover any unsolicited outgoing traffic.

Then I need to figure out this iptables stuff to do the same thing with the Linux boxes. Wish me luck! :D

Red

What "flavor" of linux are you running?

I've heard nothing but good about Zone Alarm, so you should be able to secure your win boxes OK. No ideas on the Linux side, although the vulerability is greatly reduced as long as you don't run as root ;o)

Dave

What "flavor" of linux are you running?
I currently have two Linux boxes going. On the first I have installed Libranet 2.0, the download version. It is set up to dual-boot with Win98 but I seldom use the Window side anymore. I use Enlightenment as the window manager. I really like this Debian offshoot. It was the first Linux distribution I tried that could configure my soundcard.

On my second box I have just installed Mandrake 9.0. I chose Mandrake 9.0 because it recognized my hardware, runs fast, looked nice with several window managers available, and Netraverse had preconfigured kernels for it so I could install Win4Lin. I decided to use KDE so the family wasn't so scared of the interface.

The thing I fear the most from this Mandrake installation is upkeep of the software. I experienced RPM hell with a couple other RedHat based distros. I was hoping the MandrakeOnline service would smooth some of that out. The service says I have 75 scheduled updates, but after two days, nothing has happened. So far I've received no comments to posts about this issue. If things don't get better soon, I'll switch this thing over to Libranet 2.8 when it comes out.

That's my story and I'm sticking to it. :wink:

Red