How Are You Protecting Your Computers?

b0m8ad1l asks: "I'm wondering what AV, software/hardware firewalls Slashdot readers are using these days. I remember another Ask Slashdot a long time ago, but i'm curious as to how everyone is keeping up with the times. I'm using Kaspersky AV, Sygate Personal Firewall Pro, behind a Netgear RP114 router"

I'm using

[Trikenstein]

D-Lonk DI-604 router, Zone Alarm personal, Norton AV 2K2. When I install XP, I disconnect the computer from the network, install XP, and SP1, Zone Alarm, Norton AV, then reconnect to network and patch up.

The obvious...

[zyche]

OpenBSD/pf.

Re:The obvious...

[hdw]

Amen to that.
Two junkboxes, an SS10/30 that happened to have a quad-ethernet and a P200 with 4 cheap PCI NICs.
Both with OpenBSD with pf, pfsync and carp.
Wlan AP connected to DMZ allowing only IpSec traffic.
Internal server with samba/nfs, Clamd and Squid.
All internal boxes get their virus scanned mail from the server, all http access thru squid (with filtering for annoying ads and crap).
All MS boxes also have updated Norton Antivirus and of course Firefox/Thunderbird.

And Daddy gets a good nights sleep, every night :)
// hdw

Not doing dumb things...

[Spoing]

...keeping my systems as simple as possible (from apps to services) and following my own advice on firewalls (see signature).

If you add complexity to deal with complexity you are introducing additional vectors for even more security problems. (One example: trusting that a virus detector is working because it says 'everything is fine'...only to find out later that the last virus through disabled the virus detector so it would always report 'everything is fine'.)

Re:Not much.

[WhiteBandit]

Software firewalls do a good job of monitoring outgoing connections, especially when it comes to setting permissions on what programs can access the internet.

Hardware firewalls are slightly more cumbersome when trying to set this up, as most only allow you to filter outgoing connections by ports.

Re:You forgot the web browser (Firefox)

[going_the_2Rpi_way]

Hmmm... I don't know about this. You either want to run scripts or not. You either want to use plug-ins and accept cookies or you don't. Any browser that's configured to do those things will be somewhat insecure. You probably make yourself less of a target by using relatively eccentric browsers, but, if subjected to the same scrutiny as the more popular ones, are they any more secure? The real question is where does the lack of functionality outweight the lack of security/privacy? Do we all go back to Lynx?

K.I.S.S. - always been and always will be best

[mabu]

It's amusing that people focus on the latest-and-greatest security software, which IMO is more counterproductive than it is productive.

You get a whiz-bang anti-virus/firewall system set up and what does it do? Give you a false sense of security so you can feel more confident about engaging in irresponsible computer use. The problem is almost every piece of security software out there has at one point or another been vulnerable, so you're flirting with disaster.

I think no matter how many advances we have in this area, the basic rules of security will always apply:

1. Limit Accessibility.

99% of security issues are inside jobs. Limit physical access to your resources. Don't put any sensitive data on a machine that anyone else has access to that you don't want public. Use encryption, multi-wipe free space and turn off your machine when you're not using it.

Some people don't want to hear this but it needs to be said: DON'T USE WIRELESS if you're worried about security. No matter what precautions you're taking, by going Wireless you dramatically lower the integrity of your personal security PERIOD. It's one thing to use wireless on the road, but you should limit the sensitive information on your laptop in the first place because it's mobile, but it's really just plain lazy and irresponsible to run wireless in a permanent installation like your home if there is any practical way to avoid doing so.

I can't stress this enough: *unconditionally* WIRELESS IS MUCH LESS SECURE. It doesn't matter what protocol/encryption you're using, by going wireless you introduce additional ways your system/data can be accessed.

Remember the first commandment: True security is more dependent upon reducing access points than it is implementing protection of access points.

2. Disable ALL non-critical services. Don't run anything except what you need on your PC. Close all unused ports; remove all services and extra features and plug-ins that aren't needed. The fewer systems, the fewer points of vulnerability.

3. Keep all software fully-patched and up to date.

4. If possible, never use the "industry standard" software if it's not the most secure solution available. Dump IE and Outlook and switch to Firefox and Eudora.

5. TEXT ONLY E-MAIL... This, after #1 is IMO the biggest threat of them all. The added superficial benefit of html-email is not worth the security liabilities that come along with it. If you want to use html e-mail, I'd recommend a second, sandboxed account for that.

6. Never put a machine on public-addressable IP space unless it's a public server. Use a DSL/cable switch and put your systems on a VPN on the other side of a hardware firewall that filters out all non-essential traffic.

7. After you've taken care of 1-6, then and only then should you consider anti-virus/spyware and related software to be a useful addition.

Re:K.I.S.S. - always been and always will be best

[dasunt]

I can't stress this enough: *unconditionally* WIRELESS IS MUCH LESS SECURE. It doesn't matter what protocol/encryption you're using, by going wireless you introduce additional ways your system/data can be accessed.

Explain to me how a properly configured IPSEC setup is less secure then a wired setup.

[ As for the original question, I'm protecting my computers through iptables on the server (running debian stable), and the samba shares are scanned with f-prot weekly. Each desktop machine runs their own antivirus, and I don't use IE or Outlook/OE. Updates are applied very often. ]

Re:K.I.S.S. - always been and always will be best

[dasunt]

IPSEC can be brute brute-forced and/or dictionary attacked, just like anything can... and IPtables are the same, if the cracker can assume any neccessary IP address and remain adressable. Whereas a net based attack must come from a correctly addressed (even if it's a compromised 3rd party) machine, or the packets will simply never return to the attacker.

Er, almost anything can be dictionary-attacked or brute-forced attacked. Given enough time, the ability to ignore the death of the universe, and a ton of processing power, the attack may even be successful. It took distributed.net only 1,757 days to crack a 64-bit RSA key, using the resources of an estimated one-third of a million people. At their peak rate, they could have found a solution by 790 days (with a 50% chance of it being found in 395 days). That was using the computing power equivalent to over 45 thousand Athlon 2GHz machines.

That was with a 64-bit key. A 128 bit key would be 18446744073709551616 times harder to crack. ( Of course, IPSEC uses different cyphers, with different-bit lenghts, which means that the time would probably vary to break an IPSEC key. )

Its possible to set up IPSEC to encrypt a VPN between two machines, and deny any machine not using IPSEC from connecting.

Such a wireless setup is going to be pretty damn secure. If an organization is going to take the time to crack you, the IPSEC VPN is not the place they are going to start.

Just my $.02

PS: Perhaps you were thinking of WEP...

Re:K.I.S.S. - always been and always will be best

[Hast]

No, the statement that RSA is somehow "security through obscurity" is just plain incorrect.

STO is when you use unpublished methods and rely on the attacker not bothering to try to reverse-engineer your system as a method of protection. Examples are using XOR and similar cyphers in obfucated ways to hide the details.

So far RSA has not been compromised. Until such a time using RSA in open and peer reviewed protocols (remember that RSA etc are only a small part of the big security system) is in no way "Security Through Obscurity", it is in fact Best Practices (tm) and that is pretty fucking far from STO! And if a really good way to factor into primes comes up then you CHANGE the encryption scheme!

Most people have a grasp of just how many combinations there exist in a 2^1024 key. As far as we know the number of atoms in the universe (including dark matter and such) is on the order of 2^200. Now in RSA and other asymmetrical systems not all keys can be used, but still I'm willing to guestimate that a typical 2^1024 key has way more than 2^1000 valid keys (I can't be bothered to do a real estimate, and that's probably way to small).

Now consider that the Universe is Pretty Damned Big, yet the number of valid keys completely dwarfs that. It is hard to put into words just how completely unlikely you are to brute-force an RSA key (or any other key for that matter). Just imagine all the absurd unlikely events EVER happening to you in the same microsecond. Then multiply that by about 50 billion times and you'll still be ways off, but you'll get the idea.

In short, you are not going to brute force a key which is even 2^256, it's just not happening.

If you are that worried about someone tapping into your wireless systems do you also ensure that all your electronics is protected from people snooping on your electric signals? Or do you wear sunglasses and gloves all the time to protect you from someone trying to get a copy of your iris/retina or finger prints? That's a lot more likely than someone breaking your encrypted wireless communication.

Besides I'd rather have my precious data under my desk in encrypted form than in some bunker with a bunch of morons with explosives. No way to be sure what they end up shooting at when they are drunk and bored.

Re:Not much

[skinfitz]

...Never got infected through Internet Explorer or Outlook Express though. I don't use antivirus software and I don't get viruses or spyware.

Forgive me for pointing out the obvious, but how do you know?

Absolutely nothing you have there would prevent the latest GDI exploit from running code of attackers choice on your Windows box by you doing nothing more complicated than viewing an image.

Ok, fine, I'll bite...

[MachDelta]

Goddamn. The things people do to run Windows... It makes me glad I use Linux.

Oh come on, lets not be hypocritical here. I seriously doubt anyone can say they've done a fresh install of *distro-of-choice* and not spent some time tweaking things to get their system into a fully usable state.
Everyone does it, and just because one person has to install a firewall and another person has to hunt down drivers doesn't make either person superior to the other. Yeah I know, this is slashdot, where "Windows sux and Linux rulez", but if we're going to be asking serious questions we might as well be giving serious answers.

Myself, I use KPF and AVG, with AdAware on the side. Fortunatly, these three programs don't have much to do, thanks to Firefox and my cheap yet trusty DI-604 router. I'm actually going to be putting together a box for my parents this weekend too, so i've been busy loading up my USB flash drive with some of the aforementioned programs, and other first boot goodies. And if i'm lucky, my parents will turn over custody of their old computer (an aging P3-500) to me, which I hope to turn into my very first Linux box to muck around on. Then i'll get to experience the numerous pains-in-the-ass of both worlds! Should be fun. :)

simple:

GNU/Linux

Re:Not much.

But why do I care to monitor outgoing connections? The hardware firewall prevents unwanted incoming requests. I don't care about outgoing requests unless they're initiated by spyware. By keeping spyware and viruses off of my system, I don't have to worry about that.

Besides, most software firewalls do not thoroughly prevent unwanted outgoing connections. It's simple to slip something by the stack.

Cheap NAT

[lkaos]

I have a Linksys wireless switch behind my cable modem. My main Linux server is set up as a DMZ host. This server was built via Gentoo and the only services running that are exposed is ssh and Apache2.

I've not had an issue in the 2 years I've had this setup. I don't have problems with email worms and such because well all my machines run Linux :-)

I've got a similiar setup for my parents and they've had minimal problems running all Windows. They've had some spyware issues lately because of some bad downloading but what can you do.

Re:RSA is far less obscure than physical security

[pthisis]

[Note that I make no judgement on whether STO is necessarily a good thing or a bad thing].

Cryptography is obfuscation

Yes, but "security through obscurity" is a technical term of art. It's either ignorant or disingenuous to use English-language definitions to define a technical term when that term is clearly used in context. Yes, the private key in an RSA implementation must be "obscure" in the English sense for the system to be at all secure.

But, as wikipedia puts it (you can read more there):
"In cryptography, the reverse of security by obscurity is Kerckhoffs' principle from the late 1880s, which states that system designers should assume that the entire design of a security system is known to all attackers, with the exception of the cryptographic key"

This is supported by how this term is used in practice by experts in the field.

The key principle of systems described by "security through obscurity" is that the _design_ of the system (algorithms, etc) is hidden.

The key to non-security-by-obscurity systems is that the design of the system is public so that it can be publically audited and the assertion that "it's secure when used with any key that satisfies condition X" is well-vetted (X is usually: "Product of 2 large primes", in some algorithms it may be "Never reused" or "not a Weak Key" for some rigorous definition of weak key, in some algorithms other ). It's also usually key that there is a good objective test for condition X, such that implementors have a high degree of confidence that not only is their crypto implementation basically sound but that the keys they implement are believed to be secure as well.

More generally, in non-keyed systems it's not considered reliant on "security through obscurity" if the system architecture as a whole is well-vetted and the conditions that are prerequisites to security are documented and objectively testable via some well-vetted method.

Of course, you probably already new that and were trying to change the accepted definition by arguing against the OP based on an idiosyncratic (within the context) definition.

(Of course, whether or not a system relies on security through obscurity is kind of a spectrum; very few systems are completely non-STO and very few are completely STO.)