D-Link SecureSpot

Reviews: Networking

D-Link SecureSpot

Author:
Editor:
Sponsor:
Published:

Richard Poelling
Kurtis
D-Link
Dec. 3, 2006

Specifications

<< Previous

Next >>

Testing

Normally, I would hook up a device in the manner in which it is meant to be installed. For testing the SecureSpot, I decided to segment my existing network rather than jack this thing into the entire network. There are really three main reasons for this. First, in order to properly test the device, I will have to do "things" I don't normally allow on my network. Second, overly securing a network and losing connectivity is a bad thing. Finally, my wife and kids will kill me if I screw up our internet connection for any length of time. So in the end, it really comes down to that last one.

The setup consisted of my "internet" connection coming into a Linksys WRT54G router running Firmware DD-WRT v23 SP2 (09/15/06) standard. An Ethernet connection was then made to my computer which contained my virtual machines. A single 3Com onboard NIC was bridged to work on only that particular network. Therefore any and all virtual machines would be using the Linksys network, not the standard internal network. The setup of the SecureSpot was performed as instructed. A figure depicting the entire setup is below. I also setup the IP of the Linksys router as the DMZ on my existing upstream router so all the random traffic that is floating on the internet will hit the SecureSpot. Everybody got that? Good, let's get started.

Thin Client

The thin client portion of the SecureSpot is the actual interface to a lot of the local functionality. The thin client houses the Antivirus/Spyware as well as the popup blocker. Other functionality can be accessed through the interface as well. Besides acting as a control mechanism for the SecureSpot, the thin client also allows access to the internet, depending on your security settings. At the highest setting, you need the thin client installed in order to access the internet. No thin client, no access. The medium setting could allow a user to gain access to the internet by removing the thin client entirely, while the low setting does not require the thin client at all. The obvious choice to get around this type of behavior would be to uninstall the thin client entirely. In order to accomplish this though, you do need to supply the administrator password for the SecureSpot. I will say as long as I had administrator privileges on the system, I was able to shut the thin client down.

Parental Controls

This name just strikes fear and loathing into many. For young people it means harsh overlord-like restrictions on what they can do, for others, it is the harsh realization that they are now considered a "Parent." Either way, we can also call this category a web filter. However it makes you feel or what you call it, its job is simple; restrict content of items which are deemed "off limits". The basic functionality of the parental control is to apply certain filter sets to the internet. A list of these filters can be found below. Additional settings determine how these are handled. Like most filters, nothing is perfect, and we all know that kids are quite sneaky when they are determined. One of the options you have is a safety lock feature. This entails a slider bar which should be relabeled "leniency" instead. If a certain number of consecutive hits are blocked, the internet will be locked out permanently until the machine is rebooted. Along this same line, you can also block access by time of day through the scheduling menu.

To do the actual blocking, you can use the extensive category list of sites. I am uncertain who decides what belongs where, but I have to admit, the list is quite long. Any time a site is blocked, it will list which filter or filters in some cases are causing the block. If a site is blocked, it can be enabled by using the administrator password and can also be added to a permanent "allow" list. To be honest, if you need to block that many items, you are probably best served by just pulling the Ethernet cable now.

No filter is perfect, especially if you have access to Google. A simple search of something which trips the pornography filter when visited, won't necessarily trip when viewing an image search. The original page may be blocked, but viewing Google's cached image was possible. Nothing is perfect.

A section under Parental Controls is the Profiles section. Here you are able to set up different account types which can be used to apply different settings to. You have the option of having whole computer accounts, whole network accounts and even individual user accounts. The user accounts can also be linked to your XP user profile such that the logged in user gets the proper profile. This type of fine control is always welcome.

Filters:

Alcohol
Health/Medical
Pornography
Art
Holistic
R Rated
Automobile
Humor
Sports
Education Cheating
Military Appreciation
Streaming Media
Obscene/Tasteless
Unsavory/Dubious
Finance
Online Classes
Unstable
Fitness
Games
Peer-to-peer/File Sharing
Web-based Email
General Business
Personals/Dating
Web-based Newsgroups
Government
News
Music Appreciation
Tobacco

Real Estate
Banner Ads
Information Technology
Recreational
Books and Literature
Social Opinion
Drugs
Message Boards
Spam
Education
Militant/Extremist/Terrorist
Online Greeting Cards
Weapons
Free Hosts
Outdoor Recreation
Weather/Traffic
Gambling
Paranormal
Web Logs
Popup
Web-based Storage
Political Opinion
Web-based proxies and anonymizers
Hacking
Explicit Art Travel
Fashion
Hate and Discrimination

Chat
Internet Radio
Religion
Child Porn
Instant Messaging
Reference
Internet Service Provider
Religious
Opinion
Comics
Legal
Search Engine
Community Organizations
Lifestyle
Self Defense
Criminal Skills
Local Community
Shopping
Cults
Malicious Code/Spyware/Viruses
Educational Games
Military-Official
Theater
Employment
Movies and Television
Tickets
Entertainment

Firewall

The firewall consists of several different sections. These sections are: Security Settings, Software Selections, Intrusion Detection, Software Blocking and Download Blocking. The Security Settings are where the individual ports are blocked. Settings of low, medium, and high basically just install different templates containing lists of ports. The Software Selections section contains software which could be considered harmful. Items such as BitTorrent, IM clients, iTunes, and Skype are all in this list. A simple checkbox controls what is blocked.

The Software Blocking section had me confused. The explanation of this feature is as follows: "The Software Blocking section allows you to control the execution of software that is not already defined in an approved list of known software." To me that means you can't execute any software not already approved. I had this set on "Block unknown software" when I downloaded and installed all the P2P programs which eventually clogged my machine with Spyware. There is also an entire other section of options under the Download Blocking Options section. Basically, you can block files by extension. I can definitely see how useful this feature could be, but if you start blocking jpg's and gif's the web will be a very dull place indeed.

Identity Protection

The idea here is to put in all the information that you do not want shared and the device will warn you if someone is attempting to get hold of it. The idea is novel, but I personally don't like the idea of putting information all in one place. All it would take is the system to get hacked on their end and that is it. Besides, common sense should be your guiding wisdom here. Anti-phishing is already being integrated into the newest browsers, similar to popup blocking. I think this feature just needs to be dropped in favor of something else.

Reporting

The reporting feature allows you to look at the logs of internet activity for any given day. Any days in which questionable or adult content is blocked are marked with a color. Clicking that day will yield you the computer, website, and reason for the block. There is the option of setting up a secondary auditing party, but this feature seems more geared to the small office setup rather than the home setting.

Popup Blocker

The SecureSpot includes a popup blocker which loads with the thin client. Through the thin client, you can easily configure how you want the popup blocker to function and whether you wish to be notified of a blocked page. Although I commend D-link on such a useful feature, it is already a major part of most new browsers today. I did confirm that it worked, however. When a popup is blocked, the machine beeps. In fact, the machine which I had all the spyware on was beeping up a storm every time I opened up a web browser. Although well intentioned, I think their efforts could probably be put forth to bettering other portions of the SecureSpot.

Antivirus/Spyware

The antivirus functionality is contained within the thin client download. Actually, from the logos at bootup, it appears that McAfee VirusScan is the vendor of choice for the SecureSpot. After initial download of the thin client, the machine will reboot and install the full antivirus software. You will also be the recipient of a nag screen to scan your system. I can say that I found the antivirus to be quite functional when attempting to scan the whole machine. I can not report on its effectiveness for picking up viruses since I didn't have any lying around and was even unable to get any in the span of this review.

In the literature and on the command interface, the antivirus is always paired with that wonderful word "antispyware." I looked high, and I looked low and could find nothing which had any form of antispyware functionality. Thinking that it might be integrated within the antivirus, I performed a test. This test consisted of me downloading and installing Bearshare, Kazaa, Limewire, and iMesh. Before these were installed I did a thorough scan on my computer using Lavasoft's Ad-Aware. It came up clean before anything was installed. After installation I ran the integrated antivirus to see if it picked anything up, nothing. As far as the thin client was concerned, my machine was clean. A follow-up Ad-aware scan was not so cheerful. A whopping 198 objects were located. In my opinion this failure is multi-tiered. First, I had the software restrictions enabled (see firewall above) so I should not have been able to install unknown software, and second, where is this antispyware software. As far as I can tell, it is non-existent. The only thing worse than not having protection against something is thinking you do when in reality you are highly vulnerable.

Further snooping has revealed that there are antispyware filters in the parental controls list. There are also some items within the firewall list which should block spyware. I would prefer a more proactive approach to spyware. That approach should remove it, not just block it. It is usually the shear act of running the hidden programs which slows machines down so much over time.

Spam Blocker

Maybe they just ran out of development time or something when they got here. The spam blocker essentially just tags your email with a tag of your choosing. It is up to you to determine what you do with it when you get it. Setting up outlook 2003 to check my pop3 email account yielded absolutely nothing. I didn't even get the chosen tag of "CRAP" which I had set in the control center. I would consider this feature to be useless.

Screenshots

<< Previous

Page 3 of 4

Next >>

Page 1: Introduction & First Looks
Page 2: Setup & Price Analysis
Page 3: Testing & Screenshots
Page 4: Conclusion

Subscribe to Security [more info]

Add Comment

1 User Comment

1 - Posted by Kurtis on December 5, 2006 - 7:29 pm

Digg this article:
http://digg.com/security/Network_Security_in_a_Lit...

Add Comment

To add a comment without being a member, you may omit the password field, but you must enter your name (or nickname) along with your comment. * Denotes required fields.