Re: Securing against an internet based intrusion




I don't know whether account lockout will do anything in XP, but first step
is getting a good firewall in place between your computer and the Internet
modem/router you use - even if you use the XP firewall as well. Don't allow
any inbound traffic at all, and you're in decent shape. Depending on the
model, you may be able to turn up logging such that you can see what people
(or hijacked computers) are trying to do - even dump it out to a syslog
server.

We have DSL, there is a rumored hardware firewall in the modem. I
don't know if it's effective, but we use Zone Alarm software firewall
too.

We have a single administrator, changed the name to something obscure
and use a REAL password on it. I can remember it, but just barely.

The 3 users on the computer do not have administrative privileges, and
when we need to add software or perform duties that require
administrative privileges, the modem is turned off until maintenance
is completed. Even the non administrative users log in by REAL
passwords.

File and printer sharing is turned off-my understanding is that this
will not let anyone in to the hard drive if they make it through the
firewall.


If you use wireless, don't use a wide open access point - use WPA at
minimum.

We do have a wireless router for connection to a second laptop
computer, which is currently running wide open access....but not for
long. I will encrypt it soon. Filesharing and printer sharing for the
wireless connected laptop is also turned off.

Use a good, long, complex password on your default administrator account,
and also on your own account (and don't put your own account in the
Administrators group).


Done.

Thanks for commenting, it's much appreciated.

A
.