Re: security concerns for home work network

To: debian-user@lists.debian.org
Subject: Re: security concerns for home work network
From: Chris Bannister <mockingbird@earthlight.co.nz>
Date: Sat, 9 Feb 2008 12:42:49 +1300
Message-id: <[🔎] 20080208234249.GG8884@box>
In-reply-to: <[🔎] 20080205235634.GS23732@localhost.localdomain>
References: <[🔎] 4fe4c4f50802051214x4864b643o6fdd2e932145c148@mail.gmail.com> <[🔎] 20080205235634.GS23732@localhost.localdomain>

On Tue, Feb 05, 2008 at 03:56:35PM -0800, Andrew Sackville-West wrote:
> On Tue, Feb 05, 2008 at 01:14:37PM -0700, ChadDavis wrote:
> > This may a bit off topic, but I am talking about  a debian base network, and
> > I sense that many of the people on this list have admin expertise.
> > 
> > I have a small home office network.  I recently set up samba and in the
> > process realized I'm not all that honed on security issues.  My concern is
> > this, when I set up something like filesharing, I'm just doing this for the
> > efficiency of my two person software development company; the other employee
> > is my wife.  In this environment, I generally just set things up as loose
> > and quick as possible.
> > 
> > My question is, am I wrong for thinking that security isn't of much concern,
> > in regards to something like samba file sharing, for our two user network.
> > My theory is that as long as I keep my network shutdown to outside access,
> > everything is cool.  For instance, I generally don't forward any ports from
> > my DSL router into my local machines.  On occasion I'll open 80 to let my
> > clients do some testing.  Am I right in assuming this means I don't have to
> > tighten up something like file sharing?
> 
> I'm no expert by any stretch, but I think in your case, if you are
> behind a secure firewall, then no, security internal to your LAN is
> not an issue. That assumes you trust your wife ;)
> 
> Now, opening port 80 to test software is a different issue. If you are
> "testing" software, then it is likely not secure and not something you
> want to have protecting the rest of your network. That's how you
> should look at it -- if you open the port, then whatever code you have
> on that port is now your line of defense for that port. If that code
> fails to be secure, then your network is not secure. In that case, I'd
> agree that moving your test bed outside your main network would be a
> good idea. 


http://www.debian-administration.org/articles/552

-- 
Chris.
======

Reply to:

References:
- security concerns for home work network
  - From: ChadDavis <chadmichaeldavis@gmail.com>
- Re: security concerns for home work network
  - From: Andrew Sackville-West <andrew@farwestbilliards.com>

Prev by Date: Re: Desktop freeses
Next by Date: Re: Iceweasel problems - 2 of 3
Previous by thread: Re: security concerns for home work network
Next by thread: Re: security concerns for home work network
Index(es):
- Date
- Thread