Re: Securing against an internet based intrusion




I don't know whether account lockout will do anything in XP, but first step
is getting a good firewall in place between your computer and the Internet
modem/router you use - even if you use the XP firewall as well. Don't allow
any inbound traffic at all, and you're in decent shape. Depending on the
model, you may be able to turn up logging such that you can see what people
(or hijacked computers) are trying to do - even dump it out to a syslog
server.

We have DSL, there is a rumored hardware firewall in the modem. I
don't know if it's effective, but we use Zone Alarm software firewall
too.

We have a single administrator, changed the name to something obscure
and use a REAL password on it. I can remember it, but just barely.

The 3 users on the computer do not have administrative privileges, and
when we need to add software or perform duties that require
administrative privileges, the modem is turned off until maintenance
is completed. Even the non administrative users log in by REAL
passwords.

File and printer sharing is turned off-my understanding is that this
will not let anyone in to the hard drive if they make it through the
firewall.


If you use wireless, don't use a wide open access point - use WPA at
minimum.

We do have a wireless router for connection to a second laptop
computer, which is currently running wide open access....but not for
long. I will encrypt it soon. Filesharing and printer sharing for the
wireless connected laptop is also turned off.

Use a good, long, complex password on your default administrator account,
and also on your own account (and don't put your own account in the
Administrators group).


Done.

Thanks for commenting, it's much appreciated.

A
.



Relevant Pages

  • Re: Restricting internet access completely to users/groups
    ... Realistically you can not restrict an administrator account as ... know how to restrict such a user would be to use a firewall that can be ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Firewall and group policy mess !
    ... When I click the firewall option to turn it on as prompted by the security ... netowrk administrator is using Group Policy to control these settings. ... an 'administrator' account. ... up with a limited user account so that you couldn't accidentally ...
    (microsoft.public.windowsxp.help_and_support)
  • Re: No lockout policy... why not?
    ... authentication token and PIN, you can't even get to a password prompt to ... Seems Anna was napping in class when the subject of Administrator ... Administrator account is either a workable solution or will do more ... Focusing on the firewall isn't all that should be done. ...
    (microsoft.public.windows.server.sbs)
  • Re: Windows XP - computer workgroup
    ... A desktop uses windows XP PRO and a wireless ... They all have Windows firewall active and exception as remote desktop ... With the GUEST user account not active ... start by running the Network Setup Wizard on all machines (see ...
    (microsoft.public.windowsxp.network_web)
  • Re: Peer-to-Peer
    ... username which is defaulting to a guest account. ... Also I can see the computers in the workgroups on both ... start by running the Network Setup Wizard on all machines (see ... by 1) a misconfigured firewall or overlooked firewall (including a stateful ...
    (microsoft.public.windowsxp.basics)