If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
Lan security questions
Does implementing logon password protection offer any protection against
an online virus or Trojan attack? Or does it only prevent local physical (or Lan) users from unauthorized access ? What does the term "common" user account mean ? Is this the same thing as "limited" user account ? |
Ads |
#2
|
|||
|
|||
Lan security questions
From: "RB" NoMail@NoSpam
| Does implementing logon password protection offer any protection against | an online virus or Trojan attack? | Or does it only prevent local physical (or Lan) users from unauthorized access ? | What does the term "common" user account mean ? | Is this the same thing as "limited" user account ? Account authentication has NOTHING to do with malware infections. What it helps to protect against is... 1. The insider threat 2. Personnel from accessing another person's account and data 3. Data protection in general Common User or Limited User accounts have nothing to do with passwords either. It has to do with the level of authorization given to a LAN user to access resources or the ability to perform tasks. A "Limited User" is just that, the person is limited in what they are authorized to do such as installing software or making modifications to trhe system. As for passords, they should be REQUIRED and be "strong". Strong as in meaing a level of complexity such that it is difficult to guess or break. For example; 8 digits minimum, using; 2 uppercase, 2 lowercase and 2 numbers and at least one special character. Having LAN accounts with "Limited User" capabilities reduces the threat of malware infection but does not eliminate that threat. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp |
#3
|
|||
|
|||
Lan security questions
Thank you for the reply.
I realize the logon ramifications of physical users but if you would be so kind please give me your input on the following: 1. If you disable File and Print sharing does this make your LAN more secure from an online infection jumping from one node to the other ? 2. I really need some folders shared, is there any way to password protect the access to these folders on the LAN? (does this only again protect from physcial logon users) |
#4
|
|||
|
|||
Lan security questions
From: "RB" NoMail@NoSpam
| Thank you for the reply. | I realize the logon ramifications of physical users but if you would be so kind | please give me your input on the following: | 1. If you disable File and Print sharing does this make your LAN more | secure from an online infection jumping from one node to the other ? Yes but it also makes administration of the LAN nodes more difficult. It is better to keep F&P Sharing enabled and the PC locked down. For example, all accounts *MUST* have strong passwords to mitigate worms and bots that spread on a LAN via password dictionary attacks. | 2. I really need some folders shared, is there any way to password protect | the access to these folders on the LAN? | (does this only again protect from physcial logon users) Is this a Workgroup or Domain account ? In a Domain account you have File Server Shares and access priveledges as well as NTFS priveledges which will limit who gets access to what. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp |
#5
|
|||
|
|||
Lan security questions
Is this a Workgroup or Domain account ?
Well I'm still learning terminology but what I have is a Linksys router (Wireless running TKIP security with a long alpha numeric key) . My cable modem connects to the linksys (so I assume I have NAT ) and my one Desktop hardwire connects to the linksys and all of our laptops connect to the linksys (wireless). I have the broadcast off. I have all the computers configured to the same workgroup ( if that is what your are asking ) In a Domain account you have File Server Shares and access priveledges as well as NTFS priveledges which will limit who gets access to what. Ugh well ok, I thinkg I have a workgroup but I would not know if I had a domain account or not ? (dummy). And if I did I would not know how to set the NTFS priveledges ? So if I put all my user accounts on a password it will keep me from logging onto a node from another node unless I give it the user acct password ? |
#6
|
|||
|
|||
Lan security questions
From: "RB" NoMail@NoSpam
Is this a Workgroup or Domain account ? | Well I'm still learning terminology but what I have is a Linksys router | (Wireless running TKIP security with a long alpha numeric key) . | My cable modem connects to the linksys (so I assume I have NAT ) | and my one Desktop hardwire connects to the linksys and all of our | laptops connect to the linksys (wireless). I have the broadcast off. | I have all the computers configured to the same workgroup ( if that | is what your are asking ) In a Domain account you have File Server Shares and access priveledges as well as NTFS priveledges which will limit who gets access to what. | Ugh well ok, I thinkg I have a workgroup but I would not know if I had a domain account | or not ? (dummy). And if I did I would not know how to set the NTFS priveledges ? | So if I put all my user accounts on a password it will keep me from logging onto a node | from another node unless I give it the user acct password ? Yes, it sounds like you have a workgroup. Very limited in scope. What you have is often called a Small Office Home Office (SOHO) LAN. The NAT Router will act as a simplistic FireWall and will help keep those on the Internet from hacking into your LAN as well as keeping out Internet worms. As for what you are doing on the SOHO LAN for sharing data, well that is more complex. It all depends on what you are doing an how many nodes are on the SOHO LAN. Since you are a Linksys Router, the maximum number of nodes is ~253. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp |
#7
|
|||
|
|||
Lan security questions
As for what you are doing on the SOHO LAN for sharing data, well that is
more complex. It all depends on what you are doing an how many nodes are on the SOHO LAN. Since you are a Linksys Router, the maximum number of nodes is ~253. Ok so a domain would mean purchasing server software OS (MS WindowsServer etc). I surmise this is expensive but would have more professional abilities. As far a my Lan, I have a total ( if all active ) of 5 possible nodes. They all go through the NAT linksys. I am confused on my reading though, if I go through a NAT am I still considered Peer to Peer ? Anyhow I only need to share certain folders on various nodes (not the whole drive) but would like to make them password protected. If I set up passwords on user logon would this do this ? Is there another way to make passwords for node folders ? I will have to give my laptop user acct Admin priveledges or my broadcom wireless driver will freeze the unit in a limited access account. |
#8
|
|||
|
|||
Lan security questions
From: "RB" NoMail@NoSpam
As for what you are doing on the SOHO LAN for sharing data, well that is more complex. It all depends on what you are doing an how many nodes are on the SOHO LAN. Since you are a Linksys Router, the maximum number of nodes is ~253. | Ok so a domain would mean purchasing server software OS (MS WindowsServer etc). | I surmise this is expensive but would have more professional abilities. | As far a my Lan, I have a total ( if all active ) of 5 possible nodes. They all go | through | the NAT linksys. I am confused on my reading though, if I go through a NAT am I still | considered Peer to Peer ? | Anyhow I only need to share certain folders on various nodes (not the whole drive) but | would like to make them password protected. If I set up passwords on user logon | would this do this ? | Is there another way to make passwords for node folders ? | I will have to give my laptop user acct Admin priveledges or my broadcom wireless | driver will freeze the unit in a limited access account. NAT Router means it does Network Address Translation. Routing betwen subnet 192.168.1.x to the WAN address your Cable Internet provider,road Runner, gives you. As you get more complex, you need a server. Microsoft has SBS. Peer-to-Peer (aka; P2P) means that all the LAN nodes acts as "peers" to each other. P2P doesn't have anything more than either Read and Write or Read Only capabilities. A server provides restrictions. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp |
Thread Tools | |
Display Modes | |
|
|