securing laptop for public WiFi spots

At home I have created a wireless network and configured XP SP2 to do simple file and printer sharing. Firewall is configured to trust the local network behind the router.

When I'm on the road, what should I do to secure my laptop when connecting to public WiFi spots? It would be a PITA to turn off sharing on every folder I created for the home network.

What do you guys do to manage these two "profiles"? How do you do it?

Reply to
speeder

How about using the security credentials that XP provides, so in addition to the firewall features, only grant security access to the shares to the users that need access and not EVERYONE or GUEST users.

David.

Reply to
David Taylor

Anyone that manages to get onto your WiFi network at home is therefore trusted. I have a long lease time for DHCP, and configured just a couple of trusted addresses.

If your home network happens to be one of the widely popular numbers, that might not be a good thing either. I always move away from 192.168.0.x on any router I set up, just so I don't get confused. You might wind up "blessing" the wrong network.

You could always run a cmd prompt "net stop server". That stops print and file sharing, and a couple of other things you probably don't need at Starbucks. When you reboot it would come back, or you could start it and its dependents from start-run-services.msc

With ZoneLabs it was pretty simple. Whenever I connected to a new network, it would show up as a new subnet, and get appropriate permissions.

Reply to
dold

speeder wrote in news: snipped-for-privacy@4ax.com:

If it were me, I would use the Authenticated User Group on shares and remove all other accounts from the share. But you need to be using NTFS. That's what I do on all my shared folders. It means a user account/user-id must be set up using XP's User Manager to access the share. If the proper account credentials or user-id and psw are not given when a remote machine tries to access the share, access is denied, which can be set for user-id(s)/users on your LAN.

Authenticated User Group is also being discussed in the link.

Duane :)

Reply to
Duane Arnold

Others have covered some of the methods and requirements. I'll just offer some useful tools:

  1. Belarc Advisor is really an inventory control program that gives you a list of what's inside your laptop. However, the latest version has a "security benchmark" feature that lists a considerable number of potential local security related settings and options. It's real easy to forget an open share or an account with an insecure password. Use it like a checklist. It's not necessary to have all the holes plugged, but you should be aware of the possibilities listed.
  2. Netswitcher allows you to switch network setups between multiple locations on the fly. It includes the usual protocols and IP's, but also mail servers and printers. Useful if you connect your laptop to multiple LAN's and WLAN's. This is really your "profile" manager.
  3. Newt security scanner will scan your machine and those on your LAN for known vulnerabilities.

Reply to
Jeff Liebermann

Just switch the firewall to ON with no exceptions.

Reply to
William P. N. Smith

Good stuff, thanks everyone. I just found out my laptop is XP Home and according to one of those links:

"Unfortunately, XP Home Edition doesn't allow you to disable Simple File Sharing and is unable to join a domain, so the best you can hope for is to make sure you set your shared folders to be read only, hide the file shares by using a $ sign after the folder name, or if you're using the NTFS file system, use the 'Make Private' option in the folder properties."

I guess the secure and simplest solution is to configure my firewall to untrust local networks.

Reply to
speeder

I liked this idea but when I tried it I could still see shares. Perhaps other services need to be stopped as well?

Reply to
speeder

...correction. I could see the shares on the desktop but not the other way around! I guess I'll use this trick with the firewall config thing.

thanks

Reply to
speeder

speeder wrote in news: snipped-for-privacy@4ax.com:

Really, all you have to do is block traffic on port 445.

And you can do it with IPsec that's on the XP O/S.

You can also implement Analog's Ipsec policy rules and go to the Windows Networking policies and kill networking period on the machine while you're on the road and disable IPsec when you're at home to enable networking again.

Duane :)


Reply to
Duane Arnold

Seeing isn't the same as being able to connect.

The server service handles connections.

Reply to
David Taylor
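
One way to handle the two "profiles" asked about at the top of the thread, combining the `net stop server` and firewall-with-no-exceptions suggestions in a single batch file. This is an added example, not something a poster wrote; it assumes XP SP2's `netsh firewall` context and an administrator account, and the script name `netprofile.cmd` is hypothetical.

```bat
@echo off
rem Added example: switch between "road" and "home" settings.
rem Usage (hypothetical script name): netprofile.cmd road
rem                                   netprofile.cmd home
if /i "%~1"=="road" goto road
if /i "%~1"=="home" goto home
echo Usage: %~nx0 road^|home
exit /b 1

:road
rem Stop the Server service (file and printer sharing).
rem /y also stops dependent services without prompting.
net stop server /y
rem Windows Firewall on, with exceptions disabled.
netsh firewall set opmode mode=ENABLE exceptions=DISABLE
goto verify

:home
rem Firewall stays on, but the configured exceptions apply again.
netsh firewall set opmode mode=ENABLE exceptions=ENABLE
net start server
rem Computer Browser was stopped as a dependent of Server; restart it.
net start browser
goto verify

:verify
echo.
echo --- Firewall operational mode ---
netsh firewall show opmode
echo --- Server service state ---
rem sc query only reports state. "net share" is avoided here because
rem it offers to start the Server service when it is stopped.
sc query lanmanserver | find "STATE"
echo --- Anything bound to TCP 445 ---
rem Informational only: shows whether port 445 is still bound locally.
netstat -an | find ":445"
exit /b 0
```

The Server service returns after a reboot, as noted in the thread, so run `netprofile.cmd road` again after restarting away from home and check the firewall line in the output before connecting.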
