[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: security concerns for home work network

On Tue, Feb 05, 2008 at 03:56:35PM -0800, Andrew Sackville-West wrote:
> On Tue, Feb 05, 2008 at 01:14:37PM -0700, ChadDavis wrote:
> > This may a bit off topic, but I am talking about  a debian base network, and
> > I sense that many of the people on this list have admin expertise.
> > 
> > I have a small home office network.  I recently set up samba and in the
> > process realized I'm not all that honed on security issues.  My concern is
> > this, when I set up something like filesharing, I'm just doing this for the
> > efficiency of my two person software development company; the other employee
> > is my wife.  In this environment, I generally just set things up as loose
> > and quick as possible.
> > 
> > My question is, am I wrong for thinking that security isn't of much concern,
> > in regards to something like samba file sharing, for our two user network.
> > My theory is that as long as I keep my network shutdown to outside access,
> > everything is cool.  For instance, I generally don't forward any ports from
> > my DSL router into my local machines.  On occasion I'll open 80 to let my
> > clients do some testing.  Am I right in assuming this means I don't have to
> > tighten up something like file sharing?
> I'm no expert by any stretch, but I think in your case, if you are
> behind a secure firewall, then no, security internal to your LAN is
> not an issue. That assumes you trust your wife ;)
> Now, opening port 80 to test software is a different issue. If you are
> "testing" software, then it is likely not secure and not something you
> want to have protecting the rest of your network. That's how you
> should look at it -- if you open the port, then whatever code you have
> on that port is now your line of defense for that port. If that code
> fails to be secure, then your network is not secure. In that case, I'd
> agree that moving your test bed outside your main network would be a
> good idea. 



Reply to: