
Which is more secure...need advice please

Discussion in 'Networking (Hardware & Software)' started by FireDancer, 2004/07/10.

Thread Status:
Not open for further replies.
  1. 2004/07/10
    FireDancer Lifetime Subscription

    FireDancer Inactive Thread Starter

    Joined:
    2003/04/14
    Messages:
    460
    Likes Received:
    0
    When networking home computers, what protocol is more secure: TCP/IP, IPX/SPX, or NetBEUI? I ask because I am wanting to set up a home network with 2 XP Home machines and 1 Win98SE machine. First off, let's talk about bindings. If I am thinking correctly, bindings are what is used to control the protocols' communication in a certain manner, and if I have several protocols installed but only want to use one certain one for my network, then I need to remove the bindings on the other protocols so that they will not try to interfere with the network. Am I correct? TCP/IP is what I need strictly to access the internet and nothing else. I have IPX as well as NetBEUI installed.

    As explained to me earlier by The high GOD His-Newt-ness :) (wink), NetBEUI is not recognized by a firewall (if I understood correctly), and thus this would enable me to leave my present firewall rules in place concerning NetBIOS 137-139 DENY all traffic UDP/TCP IN/OUT any application any port. Am I correct in assuming this?

    But I use a cable modem and DHCP broadcasting, which also leads me to believe that I would need to add certain rules within my firewall for Microsoft Networking and the trusted address group.

    I want a network that is secure from outside attacks, but I also need to let my firewall control the network protocols locally so that communication is not hindered. The last time I tried to set bindings I lost my internet connection on the Win98SE machine and am afraid of doing this again. Any advice/links/tutorials would be greatly appreciated. I have searched the net on how to accomplish this and found nothing that meets my needs/concerns.

    Best Regards,
    FireDancer
     
  2. 2004/07/12
    ReggieB

    ReggieB Inactive Alumni

    Joined:
    2004/05/12
    Messages:
    2,786
    Likes Received:
    2
    I think you have two problems here; two conflicting objectives that are the main cause of conflict in most security solutions.

    1. Add layers of complexity to thwart a would-be malicious attack.

    2. The more complex you make your defence, the more likely it is that you'll inadvertently leave a hole somewhere.

    Personally, I'd stick with TCP/IP. It is an easy protocol suite to understand and fairly easy to control with a firewall. There is nothing wrong with IPX/SPX, but it is less commonly used and a little more difficult to get information on than TCP/IP. Having IPX/SPX on your internal network and TCP/IP on your external is a perfectly valid security strategy, but it isn't a simple solution. IMHO, if you need to ask this question, you don't know enough about the protocols and how to test your solution to be sure that the system you put into place is as secure as you want; or rather as secure as you could get with a simpler pure TCP/IP solution.

    NetBEUI is an awful protocol. The only time to use it is when there is really no other alternative. It works totally by broadcast, so every computer on your network gets every packet and has to process each one. This is inefficient, insecure, and just plain lazy design.

    If you want a secure solution on a small home or SOHO network and can't afford a small firewall, I'd recommend:

    1. Personal Firewall on all the PCs - get one that allows you to define a trusted network so you can define your internal Private IP address range (192.168.x.x or 10.x.x.x) as a secure network - or even better just the internal IP addresses of the other PCs on your network.

    2. Antivirus software on each PC - and you need to make sure this is updating regularly. If you have broadband, set the system to check for new updates on each boot. If dial-up, look for AV software that will automatically check for updates when you connect. Another layer of defense can be added easily by using an ISP who scans your e-mails for viruses at their servers.

    3. Spybot software like Ad-Aware to catch all the IE hijacking rubbish.

    Use Shields Up or similar to check your firewall, and if you have a static IP address, DShield to check your system hasn't been compromised.

    If you want to learn more about TCP/IP firewalls I'd strongly recommend Building Internet Firewalls, (ISBN: 1-56592-871-7) one of many excellent O'Reilly titles. If you want to learn more about TCP/IP then Internet Core Protocols (ISBN: 1-56592-572-6) is excellent too, and includes an easy to use packet sniffer that you can use to study your network traffic.
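
An added example, not part of either post above: a small Python model of the personal-firewall setup discussed in the thread, comparing a trusted zone defined as the whole private range with one that lists only the other PCs, alongside the NetBIOS 137-139 deny rule and a DHCP allowance. The addresses, rule order, function names and sample packets are assumptions constructed for illustration, not the behaviour of any particular firewall product.

```python
import ipaddress

NETBIOS_PORTS = range(137, 140)  # 137-139, the ports named in the thread

def make_zone(*entries):
    """Build a trusted zone from single host addresses or CIDR ranges."""
    return [ipaddress.ip_network(e) for e in entries]

def in_zone(addr, zone):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in zone)

def decide(pkt, zone):
    """Return (verdict, reason) for one inbound packet."""
    # DHCP replies (server port 67 -> client port 68) come from the ISP,
    # which is outside the trusted zone, so they need their own rule.
    if pkt["proto"] == "udp" and pkt["sport"] == 67 and pkt["dport"] == 68:
        return ("allow", "dhcp reply")
    if in_zone(pkt["src"], zone):
        return ("allow", "trusted zone")
    if pkt["dport"] in NETBIOS_PORTS:
        return ("deny", "netbios from untrusted source")
    return ("deny", "default deny inbound")

# Two ways to define "trusted", as in the post (addresses are assumptions).
RANGE_ZONE = make_zone("192.168.0.0/16", "10.0.0.0/8")
HOST_ZONE = make_zone("192.168.0.2", "192.168.0.3")

# Constructed sample packets, not captured traffic.
PACKETS = [
    {"src": "192.168.0.2", "proto": "tcp", "sport": 1025, "dport": 139},   # other home PC
    {"src": "192.168.0.77", "proto": "tcp", "sport": 1030, "dport": 139},  # unknown LAN device
    {"src": "203.0.113.9", "proto": "udp", "sport": 137, "dport": 137},    # internet host
    {"src": "198.51.100.1", "proto": "udp", "sport": 67, "dport": 68},     # ISP DHCP server
]

def compare(packets=PACKETS):
    """List (src, dport, verdict under range trust, verdict under host trust)."""
    return [(p["src"], p["dport"], decide(p, RANGE_ZONE)[0], decide(p, HOST_ZONE)[0])
            for p in packets]

if __name__ == "__main__":
    for row in compare():
        print("%-14s port %-3d range-trust=%-5s host-trust=%s" % row)
```

The second packet is the one that differs: a device that merely holds an address in the private range is let through to file sharing when the whole range is trusted, and is denied when only the known PCs are listed.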
     
