Tuesday, March 27, 2007

A Travel Cup of Hot Cocoa: Defense in depth

Everyone likes to keep their hot Cocoa hot. So travel mugs are insulated, and have a lid to help keep it hot. Yes it keeps it in the mug as well, but you can argue that keeping more in the mug helps keep the heat in ;-)

Which brings me to the topic at hand defense-in-depth for the PC.
If it was made by man, it can be hacked and cracked by man.
- Anonymous
Absolutely nothing is foolproof! On the other hand several good defenses layered will slow down or dissuade an attacker.

Hardware Firewall

A hardware firewall configured to only allow outgoing traffic and responses to the outgoing traffic. Fortunately this is the default. Any wireless should be configured for security, which is not the default. You don't want your neighbor unintentionally, or intentionally, causing you harm. Then there are the war drivers looking for free access or anonymity while committing crimes, that point back to you.

Software Firewall

Yes this should be running even if it is not a laptop that travels outside your network. One area of concern with Windows firewalls. For ease of use and compatibility there is much greater trust on the local network that could be used against your machine while you enjoy your Cup of Cocoa at the local WiFi hotspot.

Anti-Malware

Both anti-spyware and anti-virus should be running and kept up to date.

Windows work Both Ways

The average web browser shows off the babels of the internet, but at the same time, by default and for your viewing pleasure, lets remote sites into your computer.

Internet Explorer is infamous for being the weak link used by many exploits. Firefox has a better default security stance, but is not perfect. Firefox also has a quicker response for security fixes.

Mcafee Site Adviser
(http://www.siteadvisor.com) will flag sites that can cause grief if visited. It has an icon that shows the current site rating, and access to the details available. Additionally google searches will show the site adviser graphic next to each search result.

There is still has a free version and is available for no cost. There are plug-ins for both IE (http://www.siteadvisor.com/download/ie.html) and Firefox (http://www.siteadvisor.com/download/ff.html)

NoScript (http://noscript.net/) is a Firefox add-on that provide granular control to scripts. IN a nutshell any web page that is visited may pull content, and scripts from other web sites and servers. Without NoScript there are only two options are allow all scripts on the page, or do not allow any scripts. NoScript allows or disallows scripts based on URL. It is quite flexible and even allows temporary rights to run scripts, in addition to white listing and black listing.

NoScript (http://noscript.net/) is highly recommended.

No comments: