Home Security

After leaving the comfort zone of my job as Operations Director at a well known SaaS provider to set up as an independent IT Security Consultant, I though it might be wise to first test my skills on my own home and now also office network.

My home/office network is not dissimilar to many other peoples; there are 4 PCs running either Windows XP or Vista and an ADSL internet broadband connection. I also have a test server for work purposes running VMware with 2 virtual machines: Ubuntu Linux and Windows server 2008.

My starting point was to run a vulnerability scanner on my internal subnet. For this I chose Nessus which has an excellent reputation and is free for home use. My objectives were to gain a level of confidence as to the security of my home systems as seen from the privileged position of the local subnet and also to assess just how accurate Nessus is at vulnerability assessment.

I configured Nessus to scan the entire subnet rather than individual systems and also ran all security tests. After about 10 minutes the scan completed finding mostly what I expected but also a few interesting extras.

Firstly, Nessus managed to pick up my 4 PCs and correctly identify the operating systems and in three cases the hostname. The PCs running Skype were successfully detected as were the systems with ITunes. Two PCs were shown to have file-sharing enabled

Nessus also identified my VMware server which had a large number of ports open although none were flagged as a potential risk. The Linux server was identified with just SSH and Nessus (not surprisingly) running but gave me a whole list of recommendations as to how to better configure my server to stop information leakage and recommended an upgrade of acpid.

The Windows 2008 server was incorrectly identified as Windows Vista but this is not a million miles from the truth. The correct open ports for the server were detected; HTTP (80), FTP (21) and RDP (3389). Nessus pointed out that anonymous logins were available for ftp and that I could improve the security levels of RDP and FTP. The correct version of IIS7 was also identified.

Nessus also detected my iPhone, connected via wifi, the web server on my ADSL router, the streaming channel for TV and the FTP server on my TV decoder.

First conclusion from this test is that Nessus is excellent at system and service discovery. The second is that although overall security seems adequate, there are far more attack vectors on my network than first thought. It seems fanciful that my TV decoder might be a future target for hackers but a year ago, one might have said the same about mobile phones and ADSL routers, both of which have had know attacks in the past month.