A Windows XP help forum. PCbanter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » PCbanter forum » Microsoft Windows XP » Windows XP Help and Support
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

Lan security questions



 
 
Thread Tools Display Modes
  #1  
Old February 28th 10, 05:14 PM posted to microsoft.public.windowsxp.help_and_support
rb
external usenet poster
 
Posts: 140
Default Lan security questions

Does implementing logon password protection offer any protection against
an online virus or Trojan attack?
Or does it only prevent local physical (or Lan) users from unauthorized access ?

What does the term "common" user account mean ?
Is this the same thing as "limited" user account ?


Ads
  #2  
Old February 28th 10, 05:30 PM posted to microsoft.public.windowsxp.help_and_support
David H. Lipman
external usenet poster
 
Posts: 4,185
Default Lan security questions

From: "RB" NoMail@NoSpam

| Does implementing logon password protection offer any protection against
| an online virus or Trojan attack?
| Or does it only prevent local physical (or Lan) users from unauthorized access ?

| What does the term "common" user account mean ?
| Is this the same thing as "limited" user account ?


Account authentication has NOTHING to do with malware infections.

What it helps to protect against is...

1. The insider threat
2. Personnel from accessing another person's account and data
3. Data protection in general

Common User or Limited User accounts have nothing to do with passwords either. It has to
do with the level of authorization given to a LAN user to access resources or the ability
to perform tasks.

A "Limited User" is just that, the person is limited in what they are authorized to do
such as installing software or making modifications to trhe system.

As for passords, they should be REQUIRED and be "strong". Strong as in meaing a level of
complexity such that it is difficult to guess or break. For example; 8 digits minimum,
using; 2 uppercase, 2 lowercase and 2 numbers and at least one special character.

Having LAN accounts with "Limited User" capabilities reduces the threat of malware
infection but does not eliminate that threat.



--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp


  #3  
Old February 28th 10, 06:54 PM posted to microsoft.public.windowsxp.help_and_support
rb
external usenet poster
 
Posts: 140
Default Lan security questions

Thank you for the reply.
I realize the logon ramifications of physical users but if you would be so kind
please give me your input on the following:

1. If you disable File and Print sharing does this make your LAN more
secure from an online infection jumping from one node to the other ?

2. I really need some folders shared, is there any way to password protect
the access to these folders on the LAN?
(does this only again protect from physcial logon users)


  #4  
Old February 28th 10, 07:39 PM posted to microsoft.public.windowsxp.help_and_support
David H. Lipman
external usenet poster
 
Posts: 4,185
Default Lan security questions

From: "RB" NoMail@NoSpam

| Thank you for the reply.
| I realize the logon ramifications of physical users but if you would be so kind
| please give me your input on the following:

| 1. If you disable File and Print sharing does this make your LAN more
| secure from an online infection jumping from one node to the other ?


Yes but it also makes administration of the LAN nodes more difficult. It is better to
keep F&P Sharing enabled and the PC locked down. For example, all accounts *MUST* have
strong passwords to mitigate worms and bots that spread on a LAN via password dictionary
attacks.


| 2. I really need some folders shared, is there any way to password protect
| the access to these folders on the LAN?
| (does this only again protect from physcial logon users)


Is this a Workgroup or Domain account ?

In a Domain account you have File Server Shares and access priveledges as well as NTFS
priveledges which will limit who gets access to what.





--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp


  #5  
Old February 28th 10, 08:42 PM posted to microsoft.public.windowsxp.help_and_support
rb
external usenet poster
 
Posts: 140
Default Lan security questions

Is this a Workgroup or Domain account ?

Well I'm still learning terminology but what I have is a Linksys router
(Wireless running TKIP security with a long alpha numeric key) .
My cable modem connects to the linksys (so I assume I have NAT )
and my one Desktop hardwire connects to the linksys and all of our
laptops connect to the linksys (wireless). I have the broadcast off.
I have all the computers configured to the same workgroup ( if that
is what your are asking )

In a Domain account you have File Server Shares and access priveledges as well as NTFS
priveledges which will limit who gets access to what.


Ugh well ok, I thinkg I have a workgroup but I would not know if I had a domain account
or not ? (dummy). And if I did I would not know how to set the NTFS priveledges ?

So if I put all my user accounts on a password it will keep me from logging onto a node
from another node unless I give it the user acct password ?


  #6  
Old February 28th 10, 09:04 PM posted to microsoft.public.windowsxp.help_and_support
David H. Lipman
external usenet poster
 
Posts: 4,185
Default Lan security questions

From: "RB" NoMail@NoSpam

Is this a Workgroup or Domain account ?


| Well I'm still learning terminology but what I have is a Linksys router
| (Wireless running TKIP security with a long alpha numeric key) .
| My cable modem connects to the linksys (so I assume I have NAT )
| and my one Desktop hardwire connects to the linksys and all of our
| laptops connect to the linksys (wireless). I have the broadcast off.
| I have all the computers configured to the same workgroup ( if that
| is what your are asking )

In a Domain account you have File Server Shares and access priveledges as well as NTFS
priveledges which will limit who gets access to what.


| Ugh well ok, I thinkg I have a workgroup but I would not know if I had a domain account
| or not ? (dummy). And if I did I would not know how to set the NTFS priveledges ?

| So if I put all my user accounts on a password it will keep me from logging onto a node
| from another node unless I give it the user acct password ?


Yes, it sounds like you have a workgroup. Very limited in scope. What you have is often
called a Small Office Home Office (SOHO) LAN.

The NAT Router will act as a simplistic FireWall and will help keep those on the Internet
from hacking into your LAN as well as keeping out Internet worms.

As for what you are doing on the SOHO LAN for sharing data, well that is more complex. It
all depends on what you are doing an how many nodes are on the SOHO LAN. Since you are a
Linksys Router, the maximum number of nodes is ~253.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp


  #7  
Old February 28th 10, 09:50 PM posted to microsoft.public.windowsxp.help_and_support
rb
external usenet poster
 
Posts: 140
Default Lan security questions

As for what you are doing on the SOHO LAN for sharing data, well that is
more complex. It all depends on what you are doing an how many nodes are
on the SOHO LAN. Since you are a Linksys Router, the maximum number of
nodes is ~253.


Ok so a domain would mean purchasing server software OS (MS WindowsServer etc).
I surmise this is expensive but would have more professional abilities.

As far a my Lan, I have a total ( if all active ) of 5 possible nodes. They all go through
the NAT linksys. I am confused on my reading though, if I go through a NAT am I still
considered Peer to Peer ?
Anyhow I only need to share certain folders on various nodes (not the whole drive) but
would like to make them password protected. If I set up passwords on user logon
would this do this ?

Is there another way to make passwords for node folders ?

I will have to give my laptop user acct Admin priveledges or my broadcom wireless
driver will freeze the unit in a limited access account.



  #8  
Old February 28th 10, 10:58 PM posted to microsoft.public.windowsxp.help_and_support
David H. Lipman
external usenet poster
 
Posts: 4,185
Default Lan security questions

From: "RB" NoMail@NoSpam

As for what you are doing on the SOHO LAN for sharing data, well that is
more complex. It all depends on what you are doing an how many nodes are
on the SOHO LAN. Since you are a Linksys Router, the maximum number of
nodes is ~253.


| Ok so a domain would mean purchasing server software OS (MS WindowsServer etc).
| I surmise this is expensive but would have more professional abilities.

| As far a my Lan, I have a total ( if all active ) of 5 possible nodes. They all go
| through
| the NAT linksys. I am confused on my reading though, if I go through a NAT am I still
| considered Peer to Peer ?
| Anyhow I only need to share certain folders on various nodes (not the whole drive) but
| would like to make them password protected. If I set up passwords on user logon
| would this do this ?

| Is there another way to make passwords for node folders ?

| I will have to give my laptop user acct Admin priveledges or my broadcom wireless
| driver will freeze the unit in a limited access account.

NAT Router means it does Network Address Translation. Routing betwen subnet 192.168.1.x
to the WAN address your Cable Internet provider,road Runner, gives you.

As you get more complex, you need a server. Microsoft has SBS. Peer-to-Peer (aka; P2P)
means that all the LAN nodes acts as "peers" to each other. P2P doesn't have anything
more than either Read and Write or Read Only capabilities. A server provides
restrictions.





--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp


 




Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off






All times are GMT +1. The time now is 03:19 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 PCbanter.
The comments are property of their posters.