Re: How can I disable network (type 3) Logon

From: Jim B (jamesbutton_at_cablei-net.co.uk)
Date: 03/18/04 

Date: Thu, 18 Mar 2004 17:51:36 -0000

Yep - It's Norton AV, gonna install a firewall soon (ASAP)
As you say - A can of worms -
It's fairly easy to deal with virus and scripts etc. unless the user can be
fooled into clicking on the wrong bit of a message
(which, from my impressions could be almost any part of a web page)
It's the sneaky ones -
as per the little x running a script,
or a link running the proper link in it's background, passing on your input,
and their output as it logs your input

I advise my associates and friends to:

Maintain a written, and printed list of their bank and other 'private' links
so they always type them in.
Never set remember for passwords
Close any unusual windows by right click on the taskbar entry (or via task
manager)
Think up some good passwords and remember them so they have some
pre-remembered before they have to use them
Never click on any links unless they are certain the source of the link is
from a recognised source,
   or they are on a fully recoverable system (e.g. at the local library, or
internet cafe)
        (so it will be a short while before I try the links you supplied)

Seems the only way to be half way safe is to have 2 PC's (or separate
caddy'd booting disks)
  One for your personal private things, and one for exploring, research and
email etc.

Again, Thanks

James Button

"Steven L Umbach" <sumbach@N0spam.ameritech.net> wrote in message
news:ey%232QyQDEHA.2404@TK2MSFTNGP11.phx.gbl...
> OK. You mentioned "Norton" and I assumed that was a firewall and maybe it
is
> not. A correctly configured firewall should protect you from internet
> hackers trying to logon to your computer. You don't need file and print
> sharing unless you are offering shares to other computers either on the
lan
> or over the internet via a VPN. The email issue is a whole other can of
> worms. I use message rules, hardened Internet Explorer settings, Google
> Toolbar pop up blocker, and my virus scanner to help me there. --- Steve
>
> http://scan.sygatetech.com/ --- do a self scan assessment of your
computer
> from here.
> http://www.microsoft.com/security/protect/
>
> "Jim B" <jamesbutton@cablei-net.co.uk> wrote in message
> news:%23o8CKpQDEHA.3664@TK2MSFTNGP10.phx.gbl...
> >
> > Steve, Andy,
> >
> > Thanks for the response - I've done the NetBIOS Uninstall, and hopefully
> > that will stop those intrusion attempts
> > (when I said the PC was stand-alone - I should, perhaps have mentioned
its
> > Broadband connection)
> >
> > Hopefully, having re-booted, that intrusion path in will be shut off
> > (I'd already got the sharing - and 'NOT SHARED' all the drives).
> > (30 minutes now, and nothing naughty showing in the event log)
> >
> > Now it's on to trying to find an automated way to determine which emails
> are
> > valid, with correct links, and which are spoofed versions of common
> bulletin
> > board distributions with links to spamming and other naughty sites.
> >
> > Regards to all
> >
> > James Button
> >
> >
> > "Steven L Umbach" <sumbach@N0spam.ameritech.net> wrote in message
> > news:%23PjAhjPDEHA.580@TK2MSFTNGP11.phx.gbl...
> > > Uninstall file and print sharing from your computer [you don't need it
> > > anyway], and disabled netbios over tcp in tcp/ip
> properties/advanced/wins.
> > > Those may be normal null sessions that windows networking uses for
> things
> > > like the browse list and since you have only one computer it would be
> the
> > > master browser for your workgroup. I would be surprised if you are
> seeing
> > > those events from a source other that your local computer. --- Steve
> > >
> > > "James Button" <jamesbutton@blueyonder.co.uk> wrote in message
> > > news:fac501c40ce5$9fd75530$a101280a@phx.gbl...
> > > > My stand-alone win2000 pro/Norton system is being probed
> > > > with logon attempts trying Administrator, and NT AUTHORITY
> > > > SYSTEM and ANONYMOUS.
> > > >
> > > > As this system is stand-alone, and should not be accessed
> > > > via the lan or internet, it would appear that the logical
> > > > thing is to disable all logon types except for
> > > > the 'Interactive' Type 2
> > > >
> > > > While I am familiar with systems internals, I do not know
> > > > the windows structures and controls, so could somebody
> > > > Please, pretty, pretty please, provide either a link to a
> > > > MS article detailing the process, or step by step process
> > > > to disable all types except the keyboard /screen
> > > > interactive logon.
> > > >
> > > >
> > >
> > >
> >
> >
>
>