Shutdown Windows' Servers (Volker Birk)

I use a NAT router between my home XP Pro box and the Internet.

If I read the page at:

formatting link
correctly, and my router is in fact masquerading my network and sensibly filtering, I don't need "Shutdown Windows' servers" at all.

Volker, what other things would you suggest I do to be more secure with my XP machine?

Reply to
23
Loading thread data ...

Something not being necessary doesn't mean that it isn't a good thing. Shutting down unnecessary services and other basic measures to harden the hosts behind a firewall is alway part of a serious firewall concept.

What about your host being led to attack its own services? The common Flash Player plugin in your webbrowser would allow such a thing, even for services with port < 1024.

Reply to
Sebastian Gottschalk

You should think of things in multiple lines of defense. The NAT router is a great line of defense, but that is no reason to leave other things vulnerable. Suppose there were ways around your router (such as wireless, or if the router is compromised). It is *always* a good idea to turn off unnecessary services.

I don't know if it's ever been used, but I bet that a lot of linksys routers could be compromised by tricking people to click on some URL like

http://admin:admin@192.168.1.1/some-query-string-to-add-a-bad-allow-rule (you have changed the default password on your router, right?)

On the whole bad things happen when people consider some particular line of defense invulnerable.

-j

Reply to
Jeffrey Goldberg

Don't use Internet Explorer for web browsing. Auto-Update your software, keep all up-to-date. Don't work as Administrator, but as restricted user. Use the admin account for installing and configuring your system only. Think about an alternative MUA while Outlook Express implements ActiveScripting.

And keep being careful in the net. Social engineering attacks like Phishing, sending you malware by mail or offering you dubious software "for free", which is not from trustworthy sources like most of the Free Software, request your brain, not technical means.

Yours, VB.

Reply to
Volker Birk

Yes. I think, the OP can activate the Windows-Firewall without doing harm, so why not activating it?

Yours, VB.

Reply to
Volker Birk

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.