How do i secure a computer that is connected to but does not access the internet?

Discussion in 'other firewalls' started by poof, Jun 20, 2011.

Thread Status:
Not open for further replies.
  1. poof

    poof Registered Member

    Joined:
    Jun 20, 2011
    Posts:
    15
    It is connected for remote management purposes, like logging in from time to time to update some files, but it doesnt ever actively access the net. I'm the only one who accesses it or the network its on. I was hoping a router firewall would be enough but i'll have to open a port to do remote access, which from what ive read renders the computer vulnerable to anyone who finds it. My main concern that it might be targeted is that its part of a public display and someone might want to break in and post porn on it. What should i do?
     
  2. poof

    poof Registered Member

    Joined:
    Jun 20, 2011
    Posts:
    15
    So no one knows anything about securing computers?
     
  3. sded

    sded Registered Member

    Joined:
    Jun 4, 2004
    Posts:
    512
    Location:
    San Diego CA
    How are you accessing the remote computer-http, telnet, ftp, o_O You generally don't need to open a port for remote management; the connections are outgoing and there is no one listening on those ports. A NAT router should work, but you need to tell us more about your connections- You are accessing the internet unless this is all on a LAN.
     
  4. poof

    poof Registered Member

    Joined:
    Jun 20, 2011
    Posts:
    15
    I am considering logmein which i dont think i need to open ports on, but i wanted to keep RDP as a fallback which does require port forwarding. Wouldnt the computer im connecting to need to be listening for this? I'm not concerned about securing the connecting computer, i want to make sure the computers im connecting to, the ones that wont be accessing the net, are secure against someone hacking it over the net.
     
  5. sded

    sded Registered Member

    Joined:
    Jun 4, 2004
    Posts:
    512
    Location:
    San Diego CA
    Is this a LAN, or do the computers you are connecting to have individual WAN IP addresses? Does the remote accessing computer directly connect to the internet (have a WAN IP address)? The computers you are connecting to generally need to open ports so you can connect-they act as servers (accept inbound connections). Not enough information.
     
  6. poof

    poof Registered Member

    Joined:
    Jun 20, 2011
    Posts:
    15
    Its RDP, you connect to it over the net to other computers connected to the net, i suppose in the conventional sense the computers im connected to would be regarded as a server, however RDP doesnt make this designation.

    So i have

    Client (my admin computer) -> internet -> remote computers' router -> remote computers

    where each client has its own wan ip. They most likely will be networked together for simple file drops across all of them (instead of having to remote into each one), but i can disable that if necessary. The wireless router of course will have a strong wpa2-psk password, and the firewall will be enabled with a set of ports open for RDP. The only thing i specifically wont be doing is using software firewalls due to their resource consumption. What else can i do to secure this? Is this enough to protect against a determined hacker?
     
  7. kerykeion

    kerykeion Registered Member

    Joined:
    Jun 30, 2010
    Posts:
    267
    Location:
    Philippines
    Hey there, I'm not at all experienced with handling networks, but may I suggest using group policies so you can remotely secure the computer, install or update software etc., stuff like that.

    Not sure if your infrastrucutre supports this one tho, I'm just throwing ideas. :)
     
Loading...
Thread Status:
Not open for further replies.