Hardware Secrets Forums


Go Back   Hardware Secrets Forums > Miscellaneous > Content Comments



Reply
 
Thread Tools Search this Thread Display Modes
Old 05-10-2005, 05:41 PM   #1
Hardware Secrets Team
Administrator
 
Join Date Nov 2004
Posts: 5,592
Hardware Secrets Team is on a distinguished road

Default Protecting Your Computer Against Invasions

There has been a new article posted.

Title: Protecting Your Computer Against Invasions
URL: http://www.hardwaresecrets.com/article/137

Here's a snippet:
With the popularization of broadband Internet connection, more and more users have their Internet connection active during all the time the computer is on. Even if you are not in fact accessing the In...

Comments on this article are welcome.
Hardware Secrets Team is offline   Reply With Quote
new Sponsored Links

Old 09-26-2009, 12:59 PM   #2
danielwritesback
Junior Member
 
Join Date Sep 2009
Posts: 14
danielwritesback is on a distinguished road

Default

Quote:
Originally Posted by Hardware Secrets Team View Post
There has been a new article posted.

Title: Protecting Your Computer Against Invasions
URL: http://www.hardwaresecrets.com/article/137

Here's a snippet:
With the popularization of broadband Internet connection, more and more users have their Internet connection active during all the time the computer is on. Even if you are not in fact accessing the In...

Comments on this article are welcome.
Following the progression of articles, first we make a new network and then we disable networking?
That's not cool!

Here's what happens:

First, the end user could have overlooked something VERY important that you said: ". . . on all the time. . ." and also overlook that an important security enhancement is the Standby mode and the power switch.
There is no such thing as foolproof security, but good security increases the time required for break in. Standby mode (power saver) and the power switch can help considerably.

Second, either the networking (windows file and printer sharing) will get turned off or it won't, but this doesn't affect the outcome--it gets turned on when it is needed (just a few mouse clicks), and then it is still insecure.

Let's patch that up. . .

So, your networking (windows file and printer sharing) is now switched back on, and the internet side security has all failed to thwart an attack because the browser invited the attacker, who now knows for sure the exact address of your computer, despite the clumsy firewall in Windows that makes assurances, but doesn't stop data from exiting the computer. Windows has no inbuild egress firewall.
Well, browser revealing is the most common problem (more than 40 billion times per day, with approximately 60% of that malicious), so let's assume this is the case.

The last ditch security that may safeguard our data when all else has failed, is the NTFS file system security and the Windows login (both part of the same team).

Switching that up to full power is a two step process.
First, we set a password on all accounts, especially administrator and guest.
Second, just like a corporate network, we disable anonymous logins.
Note that your networking (shared files and printers) will work whenever two or more computers on the same network have the same workgroup name, same username (login name) and identical passwords; and that, this procedure is all about making sure it doesn't work "otherwise."

Switch on the guest account, set a password for the guest account, and then switch off the guest account.

Log into the administrator account (press control alt delete delete at the welcome screen) using the classic login to access it. Set a password for this account.

Set a password for all other accounts. Make these identical for all computers on your network.

Switch on the security.
Here it is listed as a registry file, which you can copy (notepad or text editor) and save as a .reg file, or you can use the registry editor if you like.


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\Lsa]
"NoLMHash="dword:00000001"
"everyoneincludesanonymous"=dword:00000000
"restrictanonymous"=dword:00000001
"restrictanonymoussam"=dword:00000001


After switching on the security features to block anonymous access, you may want to find a replacement for the windows firewall, because everything else is more effective. Configure your new 3rd party firewall to allow file sharing inside of your own network.

Lastly, there is a bit of bad news. The cool automatic list of shared resources in Network Folders / My Network Places causes your computer to broadcast your password unsecured to the maximum number of computers it can reach. The solution is to first create shortcuts to shared folders and place them on your desktop. Next, disable password broadcast this way. . .
To disable XP automatic discovery:
* In Explorer, click Tools
* Click Folder Options
* Click the View tab,
* Uncheck Automatically Search for Network Folders and Printers in Advanced settings list.
* Repeat for every account on all computers.


Summary:
Now, we have passwords on all accounts (including administrator and guest).
Computers that are supposed to share files have identical accounts with identical passwords.
We have disabled anonymous accesses and we have disabled password leakage/broadcast.
Also, we have installed a 3rd party software firewall capable of blocking egress to all computers except for those on our local network--because once we have logged in, then all software that we run still has permission to communicate unrestricted unless its blocked by a 3rd party (non-microsoft) software firewall.
This security also works for portable computers, since they now won't automatically share files with other computers unless (until) they are in their "home base" environment.

P.S.
After completing the safer networking steps, then you can switch off the windows file and printer sharing if you don't need those features. In the future, should it get switched back on, then you know that its already set up for tight security. This is much safer than assuming it won't get switched on.

Last edited by danielwritesback; 09-26-2009 at 01:04 PM.
danielwritesback is offline   Reply With Quote
Old 09-29-2009, 01:01 PM   #3
Gabriel Torres
Administrator
 
Gabriel Torres's Avatar
 
Join Date Oct 2004
USA
Posts: 4,431
Gabriel Torres is on a distinguished road

Default

This tutorial is outdated.

As for your comments, I haven't had the time to read them in depth.

Gabriel.
__________________
Editor-in-Chief
Hardware Secrets
http://www.hardwaresecrets.com
Gabriel Torres is offline   Reply With Quote
new Sponsored Links

Reply

Share This Thread

Bookmarks

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Computer Port Extension Hardware Secrets Team Content Comments 0 11-26-2004 09:42 AM


All times are GMT -8. The time now is 07:10 AM.


vBulletin Security provided by vBSecurity (Lite) - vBulletin Mods & Addons Copyright © 2014 DragonByte Technologies Ltd.
vBulletin Optimisation provided by vB Optimise (Lite) - vBulletin Mods & Addons Copyright © 2014 DragonByte Technologies Ltd. ()
2004-12, Hardware Secrets, LLC. All rights reserved.