Network Security

What's the best way to set up a home network? Why should I care about BGP?

Re: Network Security

Post by hellow533 on Wed Apr 17, 2013 3:00 pm

sordidarchetype wrote:
hellow533 wrote: I also noticed this, however, limits users, as they cannot access all internal network resources.


Users should still be able to transfer clipboard data seamlessly, and share serial and peripheral devices to the host (I believe this all requires ActiveX controls).

As far as I know, unless I'm mistaken, they cannot share peripheral devices to the host through a tunnel, they can only access whatever they are tunneling to, whereas with a standard remote desktop connection they can access all other devices on the network. I believe SSH is what supports that. I believe I read he is using Windows 2008 server, which supports both SSH and IPSec.

With IPSec, there are two modes. Tunnel mode encrypts the entire IP packet, protocol data, and payload. Transport mode just encrypts the transport layer (TCP, UDP, ICMP).

However, I believed this was beyond OP's comprehension. I told him to just make a blacklist. Attackers are added to the blacklist when there are x amount of failed entries to the network within x amount of time. They would then have to manually be removed. That means they cannot just run a bunch of guesses on the network and move on, but would be limited to let's say 5. 5 attempts within x minutes = IP ban from network. Even with multiple attackers from multiple botnets, each botnet would then be banned after so many failures.
“Teach me how to hack!”
"What, like, with an axe?"
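The blacklist rule described in the post above (5 failed attempts within x minutes means an IP ban, and removal is manual), as an added example that is not part of the original thread. The 10-minute window, the `Blacklist`, `at` and `run` names, and the sample events are assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

MAX_FAILURES = 5                  # "let's say 5" in the post
WINDOW = timedelta(minutes=10)    # assumed value for the post's "x minutes"

class Blacklist:
    def __init__(self, max_failures=MAX_FAILURES, window=WINDOW):
        self.max_failures, self.window = max_failures, window
        self.failures = defaultdict(deque)   # ip -> recent failure timestamps
        self.banned = {}                     # ip -> time the ban was applied

    def observe(self, ts, ip, success):
        """Record one login attempt; return True if it is allowed through."""
        if ip in self.banned:
            return False                     # banned IPs are refused outright
        if success:
            return True                      # assumption: success does not reset the count
        recent = self.failures[ip]
        recent.append(ts)
        while ts - recent[0] > self.window:  # drop failures older than the window
            recent.popleft()
        if len(recent) >= self.max_failures:
            self.banned[ip] = ts
            del self.failures[ip]
            return False
        return True

    def unban(self, ip):
        """Manual removal by an administrator; True if the IP was banned."""
        return self.banned.pop(ip, None) is not None

# Constructed sample events (RFC 5737 documentation addresses).
BASE = datetime(2013, 4, 17, 15, 0)
def at(minutes):
    return BASE + timedelta(minutes=minutes)
SAMPLE_EVENTS = sorted(
    [(at(m), "203.0.113.7", False) for m in (0, 0.5, 1, 1.5, 2)]       # burst of guesses
    + [(at(m), "198.51.100.20", False) for m in (0, 12, 24, 36, 48)]   # slow, spread out
    + [(at(3), "192.0.2.15", False), (at(4), "192.0.2.15", True)],     # mistyped once
    key=lambda e: e[0],
)

def run(events):
    """Feed events in time order and return the resulting Blacklist."""
    bl = Blacklist()
    for ts, ip, ok in events:
        bl.observe(ts, ip, ok)
    return bl
```

On the sample data only the burst source is banned; the slow source never has five failures inside one window, which is the gap a per-IP threshold leaves open.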


Re: Network Security

Post by sordidarchetype on Wed Apr 17, 2013 4:12 pm

hellow533 wrote: As far as I know, unless I'm mistaken, they cannot share peripheral devices to the host through a tunnel, they can only access whatever they are tunneling to, whereas with a standard remote desktop connection they can access all other devices on the network. I believe SSH is what supports that. I believe I read he is using Windows 2008 server, which supports both SSH and IPSec.

With IPSec, there are two modes. Tunnel mode encrypts the entire IP packet, protocol data, and payload. Transport mode just encrypts the transport layer (TCP, UDP, ICMP).

However, I believed this was beyond OP's comprehension. I told him to just make a blacklist. Attackers are added to the blacklist when there are x amount of failed entries to the network within x amount of time. They would then have to manually be removed. That means they cannot just run a bunch of guesses on the network and move on, but would be limited to let's say 5. 5 attempts within x minutes = IP ban from network. Even with multiple attackers from multiple botnets, each botnet would then be banned after so many failures.


To be honest, I haven't used the built-in IPSec for Windows 2008, so it's nice to know that's available.

Anyway, the TSG just proxies the connection; on top of that, the user can be running RDP 6.1 or higher, which allows for limited resource redirection. For example, using the TS easy print driver on an RDP 6.1 enabled client, you can absolutely print on a client printer while connected to a remote session via TSG.
:)

