Home & Small Office
Featuring 41 Papers as of October 14, 2015
Shoestring Virtualization - Reducing the Risk to Small Business Data from Compromised Remote Networks
by Christopher Jarko - October 14, 2015
Many organizations with significant amounts of data worth protecting also have robust security awareness programs and clear, detailed security policies. When employees from these companies remote in from an infected network, what happens then? A user can be fully compliant with all organizational policies and procedures and be up to date on all security awareness training, but the networks used to remotely access corporate data are populated by users beyond the scope of organizational policy. The use of Virtual Private Networks (VPNs) to remotely access organizational networks has become commonplace, but this may not be enough. This paper will examine different technical approaches to mitigate the problem. Companies can restrict remote access to company-issued hardware, which has benefits but also carries significant costs. Another option is to provide enterprise virtual desktop infrastructure, but this is cost-prohibitive for many small businesses. Local desktop virtualization provides the best solution. Using software such as VMware Player and a custom-built, restricted image provides the company full control of the desktop environment and can restrict data storage to company-controlled servers.
Protecting Home Devices from Malicious or Blacklisted Websites
by Sumesh Shivdas - August 10, 2015
The majority of the devices on a home network have unrestricted outbound connectivity to the Internet. (Barcena & Wueest, 2015) Other than the use of opendns, which only provides some protection against phishing, fraud and limited blacklisting, a homeowners options are limited. To provide protection from known malicious sites and produce DNS query logs for further detailed analysis, a simple virtual machine set up with DNS is proposed. When coupled with opendns, unlimited blacklisting capability and automatic updates to block malicious sites from all devices is provided. The solution also provides the capability to analyze all the DNS logs using a log based Intrusion Detection System like OSSEC.
SOHO Remote Access VPN. Easy as Pie, Raspberry Pi...
by Eric Jodoin - December 4, 2013
Free, unencrypted Wireless Access Points (WAPs) have proliferated and are now found in various locations including restaurants, libraries, schools, hotels, airports, etc.
Protecting Small Business Banking
by Susan Bradley - July 22, 2013
Over the last several years, the use of online banking and other financial transactions have risen dramatically.
Small Business: The New Target What can they Do?
by Robert Comella - July 5, 2012
When many think of IT security they think about what they see in movies and on TV.
A Small Business No Budget Implementation of the SANS 20 Security Controls
by Russell Eubanks - August 31, 2011
The SANS 20 Security Controls were developed in 2009 to help businesses large and small embrace a framework that would promote continuous monitoring and increase network awareness (SANS, 2011).
A Virtually Secure Browser
by Seth Misenar - June 16, 2009
This paper will discuss an increasingly important aspect of information security, the web browser. Sandboxing and application virtualization will be discussed.
Design Secure Network Segmentation Approach
by Ibrahim Al-Ateeq - October 5, 2005
In this document I will discuss some issues related to security on network and how design a secure network. We will look to network segmentations and how it will help us to identify the network topology.
Case Study: Home Network Redesign
by Nate Wilson - October 5, 2005
My goal with this practical is to take a fresh look at my network to make it secure, while maintaining functionally and to do so for as little money as possible.
Web Browser Insecurity
by Paul Asadoorian - June 2, 2005
There has been much debate lately between two different browsers, namely Microsoft's Internet Explorer and the Mozilla Project's Firefox web browser. Security is in the center of this debate, accompanied by features and usability.
Free Tools and Tips to Help Secure Your Home PC
by John Hochevar - January 17, 2005
This paper will emphasize free software alternatives to combat viruses/Trojans, protect against spyware, provide safe Internet browsing, prevent computer intrusions, and eliminate pop-ups. The software will all be for the Windows OS platform, concentrating on users with Windows XP SP1 and SP2. Each category will discuss the inherit risks and include a few pieces of free software that can help mitigate risks.
Kids Online Safety Guide 101
by Hari Pendyala - July 25, 2004
This research paper will present ways to protect children against the dangers of the Internet by using "Defense-in-Depth" principle.
Why me? Minimizing your Internet Exposure
by Kevin Wagner - July 25, 2004
As the Internet community becomes more skilled in their use of attack tools, we are seeing an increase in the number and severity of Internet attacks. Internet neophytes and professionals alike are asking the same question "There are hundreds of thousands of computers on the Internet, why was my computer attacked?"
Designing And Implementing An Effective Information Security Program: Protecting The Data Assets Of Individuals, Small And Large Businesses
by Lee Kadel - June 9, 2004
Attacks against computers, in both home and business environments, have grown steadily over the past several years.
Budget File and System Integrity Verification for Windows
by Ditmar DenEngelsen - June 8, 2004
Home users need an additional level of protection because the threats have increased and file and system integrity verification is able provide this.
Protection of Customer Data For Home Business
by David Davila - August 14, 2003
This report offers advise for those starting a small home business needing to protect customer data from physically or electronic miss use.
Home Computer Security Patch Options For Corporate Security Managers.
by Timothy Rice - August 14, 2003
This paper provides a discussion on residential users who connect to a corporate LAN via a Virtual Private Network (VPN) tunnel over a residential broadband Internet connection.
Defence in Depth on the Home Front
by Thomas Harbour - May 12, 2003
This paper sets out a defense in depth approach to meet the security needs of the Windows-based home Internet user while maintaining usability.
The Consumer Desktop - The Weak Link in Internet Security and Why ISP's Are Uniquely Positio
by John Clark - March 11, 2003
This paper demonstrates why consumer desktops are particularly vulnerable to compromise, what options are available today to protect the consumer desktop and why Internet Service Providers (ISP's) are particularly well positioned to improve the security of consumer desktops.
Defense in Depth and the Home User: Securing the Home PC
by Shauna Munson - March 7, 2003
This paper's purpose is to make the home computer user aware of the risks of using an unsecured computer, and to provide a guide in how to secure the home computer by applying various layers of defense to their system.
SOHO Firewall Savvy
by Maureen Lamb - March 6, 2003
This paper will attempt to provide some guidelines for choosing, installing and configuring a firewall for a small office.
ZoneAlarm - A Free Solution for Home Security
by Curtis Elliott - October 1, 2002
This paper provides an in-depth look at ZoneAlarm, a power and easy of use, free personal firewall that is designed to guard a home user's PC against the threat of hackers and data thieves.
Creating a Stable and Secure Connection from a Remote Website to the Inside of a Network
by Tom Williams - June 17, 2002
This paper will examine the best way to grant remote access to the network of a very small business for employees who are out of the office on the road.
Multi-Layered Approach to Small Office Networking
by David Taylor - March 25, 2002
This paper will address several areas that small business owners should consider as they deploy and grow their office network.
Homeland Security Starts at Home - Security for the Home Computer User
by Michelle Johnston - March 25, 2002
This paper will give you an introduction to the topic of home security and outline what steps you need to take to start securing your home computer.
Sniffing A Cable Modem Network: Possible or Myth?
by Dexter Lindstrom - March 5, 2002
This paper focuses primarily on the threat of malicious users sniffing on a cable modem network.
Understanding & Securing Home Windows Networks
by Todd Grigsby - January 23, 2002
My goal of this paper is to provide an understanding of today's Internet Service Providers (ISP) offerings and methods in which you can secure your home Microsoft windows networking environment as effective as possible.
Getting the Most Security out of the Linksys Cable/DSL Router
by Earl Charnick - November 30, 2001
This paper provides configuration and set up instructions for installing the Linksys(R) EtherFast Cable/DSL Router.
Responsibilities of the "Small Shop" in a Post 11 Sept World
by Forrest Houston - November 27, 2001
This paper provides some direction for crafting an improved security program.
A 6 - Layer Defense for an IT Professional's Home Network
by Daniel Crider - November 22, 2001
Penetrating an I.T. professional's home system is even more desirable in the eyes of most hackers.
Security Problems for Small Companies
by Jeremy Klomp - November 6, 2001
This paper discusses the merits of implementing up front security measures and establishing guidelines and policies to deal with security issues as they arise.
Best Computer Security Practices for Home, Home Office, Small Business, and Telecommuters
by Jon Willert - October 22, 2001
In this paper, the author recommends utilizing a multi-layered defense security approach to secure home, home office, small office, and telecommuter computers.
Addressing and Implementing Computer Security for a Small Branch Office
by Patria Leath - October 10, 2001
This paper will address the security issues faced by a small office accommodating staff reporting to the main location and visitors requiring "computer access".
More Secure at home Using Linux
by Hans Lie - September 15, 2001
In this paper, the author describes his personal experience of implementing defensive security measures on his home computer network consisting of a mixed platform.
Home User's PC Security: Threats To Windows Users and Countermeasures To Defend Against These Threats
by Roziah Kassim - September 13, 2001
The objective of this paper is to alert home users of the growing number of threats to home PCs and to provide proper countermeasures against these threats.
Securing the Broadband Network
by Sushilkumar Nahar - August 9, 2001
This paper addresses combining broadband access technologies with integrated security solutions, so enterprises and service providers can safely and securely capitalize on all of the benefits of the broadband Internet.
Building a Secure Home Network
by Kim Thomas - July 26, 2001
This paper discusses the implementation of a multi-layered secure home network including, virus protection, firewalls, sensitive data, backups, encryption, safe-surfing on the Internet.
Layers of Defense for the Small Office and Home Network
by Derek Krein - July 24, 2001
This paper addresses the best means of protecting a small office or home network users systems from malicious activity, is called a multi-layered defensive approach.
Filtering Routers in a Small Office/Home Office with a Mixed OS Environment
by Ricky Smith - July 23, 2001
In this paper the author explores one layer of a multi-layered defense of the internal network of a SOHO user, and how to configure the packet filtering capability of a cable or digital subscriber line (DSL) router for a mixed OS network. This paper is an extension of the work of Rick Thompson  and Patrick Harris 
The Importance of Social Engineering for the Home Internet User
by Ron Dean - July 16, 2001
This paper discusses the necessity for educating home Internet users, recommending several areas of improvement that will help home users understand the need for securing their systems.
My Home Setup
by John Lutheran - July 2, 2001
The author of this paper shares several changes to his home computer configuration after attending a SANS five day training course on security.
Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact firstname.lastname@example.org.
All papers are copyrighted. No re-posting or distribution of papers is permitted.