Is this secure enough?
Hello!
I currently run the following network at home:
As a router I use a current Fritz!Box connected to the DSL line; behind it is my entire home network, with private computers, a TV, etc.
In addition, I have now also set up a Windows Server (2019) and a few Windows 10 Pro computers as clients.
On the Windows 10 clients, the built-in Windows Firewall is switched on. Microsoft Defender Antivirus is also active on them.
Online banking and the like is sometimes done on these computers. Users log on to them with roaming profiles defined on the server, so an Active Directory system is running there.
So, the most important question first: Can I leave it like this? Is it secure this way?
Second, also important question: on the Windows Server 2019, I have so far switched on the built-in Windows Firewall. Does the server system also have something like Defender or similar? Or do you have to buy something paid? Or how does it protect itself?
The systems are of course always up to date and are scanned for viruses with Defender from time to time. If something is found (so far never), the PC is immediately reinstalled.
Like you, I have set up a server/client solution with Arch Linux, Debian, Ubuntu and Manjaro. I have been working professionally with Linux distributions as a self-employed software developer since 1994. I’ve never had any problems with viruses, even though I’m not using antivirus software.
I trust the Linux environment.
I’m sure you’re right, but how does that help the asker?
Well, I have to say that most of the computers I’m using now are dead from 2025 anyway, because they only get Windows 10. I’ll probably try to switch the Active Directory system completely to Linux at the beginning of next year, and I’ve already started the first tests.
Maybe you can help me, too?
Windows is not considered particularly safe.
That is clear to me on the whole. But there are improvements regarding Windows here.
Especially because of the “insecurities” that those sitting in front of the monitors produce.
That’s a pretty good configuration. A significant part of security always sits in front of the monitors ;-)
Windows Defender is now quite good; we also use it in the company network, including on servers. A great advantage is that no third-party software has to be given high system privileges; even virus scanners etc. can be a security problem. It has all happened before!
How, if at all, are the computers usable from the Internet? That is then its own “league” in terms of security.
The Fritzbox also lets you block Internet access for certain devices. I have private cameras that I have denied access to the Internet. They like to chatter (un)secretly with their manufacturer’s servers etc.
Do you have IoT devices like cameras etc. on the network? Their security holes are often overlooked, especially since companies often offer no patches or updates.
Yes, I have 2 smart speakers and a smart TV. I don’t have any more IoT devices.
The rest consists of the Windows 10 Pro clients, the Windows Server 2019, another “standalone” Windows 10 Home computer, and also a “standalone” Windows 11 Home laptop. Currently an old laptop with Windows 7 and Linux in dual boot. Then a faster Linux computer. A Linux server, and another old laptop with its original Vista.
Then some Apple devices (current and older).
Other Windows 98 / XP devices.
Some of the old ones (i.e. Win98 – Win 7) rarely go online, but if they do, then in the guest network, so they don’t harm the other computers, and also just for a short time… sometimes as a project. If something seems suspicious, I always set them up completely fresh, just like all the other computers.
So now you have a small overview of what is running in my current home network.
It changes fairly often, and I might have forgotten some devices.
I would also exclude them from the internet! Or do you need certain things from the Internet?
On the topic of smart TVs:
https://www.heise.de/select/ct/2023/20/2313711481802415158
https://www.heise.de/news/Spion-im-Wohnzimmer-c-t-entdeckt-sicherheitsluecken-in-zahlvolle-Smart-TVs-2097287.html
So I have excluded my smart TV from the Internet via the Fritzbox. With that thing I just want to watch television, and for that it doesn’t need the Internet.
No, you don’t have to click the button at all; it contacts FB anyway. Meanwhile, some site operators might have stopped that, if they wanted to…
Well, the only things I like are here on good question, or on YouTube.
You don’t have to actively use Facebook, but many pages have e.g. an FB Like button that does things unnoticed that you wouldn’t really like.
Ah that sounds great, we don’t use Facebook anyway, but it sounds good.
Speaking of Raspberry: I have been using Pi-hole for years, with good success:
https://www.kuketz-blog.de/pi-hole-device-and-configuration-with-fritzbox-adblocker-part1/
It is not quite up to date, but it explains things well, and the installation is not much different today.
With Pi-hole handling advertising etc., in contrast to local ad blockers, loading times speed up. In addition, there are blocklists of all kinds, for example for the many (un)secret Facebook pages.
These are basically excluded, but sometimes I like to see how pages are presented today on such old systems. Of course, no important data will be processed on those PCs. And as I said, they are isolated by the Fritz!Box guest network so that they cannot attack the “sensitive” devices.
I understand, but sometimes we like to watch things in the ARD Mediathek. But I have also thought about doing that with a small Raspberry Pi connected to the TV.