Home page logo

basics logo Security Basics mailing list archives

Re: Setting up secure windows xp network
From: James Taylor <james_n_taylor () yahoo com>
Date: Thu, 29 May 2003 17:54:53 -0700 (PDT)


If you go down the Zone Alarm route use.....

"but found out that I couldn't set my internet connected
network card to be in the Internet Zone, the NAT wouldn't
work. The only way it would if it was placed in the Medium
Zone" This sounds very odd, it will normally detect it out
of the box. 

If you used Zone Alarm Pro (the $49 version?) then it will
do that. You do *not* have to set the bar to Medium for the
Internet Zone and it is not reccommended. On the gateway
machine, where ZA is installed, you will also need to add
any external servers you use i.e. IP & port to the trusted
zone e.g. your mail provider. This will allow machines
internally to access those services (to pick up and send
mail). By default it should also allow the basic web
surfing service, but if not, once you start to surf on one
of the machines, ZA will detect these outgoing packets and
and a box will pop up asking if you want to allow x service
(e.g. port 80) to be allowed to connect to x.x.x.x? Say
yes. In the advanced tab for the 'Internet Zone' there
should already be a tick in the box 'Allow outgoing DNS
requests' (or something like that).

It does work, really.
Regards & Good Luck.

--- SML <sml () ukf net> wrote:
I'd like to thank everyone for their input.
I've tried several different configurations over past
several days. I didn't
like ICS with Windows own firewall. So I went to
ZoneAlarm Pro, but found
out that I couldn't set my internet connected network
card to be in the
Internet Zone, the NAT wouldn't work. The only way it
would if it was placed
in the Medium Zone. I wonder how secure it is this way?
Am I too paranoid?
:) Then I learned about Kerio WinRoute Firewall which in
fact consist of NAT
and Firewall all in one.
Can anyone share their thoughts about it. I mean how good
or bad it is in
all aspects.
I'm going to try the trial version today.


-----Original Message-----
From: Lachlan McGill
[mailto:Lachlan.McGill () au logical com]
Sent: Tuesday, May 27, 2003 4:30 AM
To: 'SML'; security-basics () securityfocus com
Subject: RE: Setting up secure windows xp network

As a very simple method, you can try just blocking ports
on the network card
level in its TCP/IP properties. This is very simple and
also not necessarily
the most secure.

You should be able to get some success with third party
apps such as
Nortons, Mcafee and Zone Alarm. Its just a matter of
configuring them
properly to suit your setup.

-----Original Message-----
From: SML [mailto:sml () ukf net]
Sent: Friday, 23 May 2003 12:57 AM
To: security-basics () securityfocus com

Hello list.
I'm in the process of securing Windows xp prof network,
consisting of 5
We use "workgroup" configuration.
Also the computers are conected to internet through
windows 2000 gateway
computer with 2 network cards, where one card connects to
ADSL router. NAT
software is in place on the gateway.
I'd much appreciate if somebody could point me to the
internet recourses, or
give advise on how to make the most of windows own
security features,
policies etc. Also what software firewall could we use on
the gateway, since
after trying norton and mcaffe firewals, we couldn't
access the intrenet.


Thinking About Security Training? You Can't Afford Not

Vigilar's industry leading curriculum includes:  Security
+, Check Point,
Hacking & Assessment, Cisco Security, Wireless Security &
more! Register
--UP TO 30% off classes in select cities--




Do you Yahoo!?
Yahoo! Calendar - Free online calendar with sync to Outlook(TM).


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]