73-997563179
Aug 23 2001, 02:41 PM
- How to share folders in Windows securely -
Oxygen3 24h-365d, by Panda Software
Madrid, 8 March 2001 -- In a recent edition of Oxygen3 24h-365d we
recommended being careful with all shared resources in computers
connected to the Internet and setting a password as a minimum security
measure. In today's edition we are going to look at the basic steps for
setting these passwords and some more sophisticated techniques for
protecting systems.
To share a folder simply select it with the right mouse button and from
the drop down menu that appears, select the option "Share..". Then, a
window will appear in which we can indicate the name of the users who
you want to share it with and the type of access allowed ("Read only ";
"Full access"; and "Depends on the password"). In the lower half of this
window there are also boxes for entering the passwords, depending on
what was selected above. (Therefore, for example, one password can be
set for read only and a different one for full access.) If the password
boxes are left empty anyone will be able to access the folder.
Therefore, a password must be set that would be difficult for a
hypothetical attacker to guess.
Another good security measure is to check that the NetBIOS (or the
network protocol that Windows uses to share resources) over the Internet
protocol TCP/IP is not enabled. If NetBIOS is enabled over TCP/IP any
Internet user could try to access shared resources.
In order to check that the option mentioned above is disabled, go to the
desktop and right click on the icon "Network Neighborhood" and select
"Properties". Then, in the new window that will appear, select the
TCP/IP protocol, click on the "Properties" button, select the "NetBIOS"
tab and check that compatibility over TCP/IP is disabled.
In Windows 98 and Windows 95 OSR/2 users will find that the option
appears in gray by default and that it cannot be selected in order to
modify it. Microsoft introduced this protection to prevent shared
resources from being accessible from Internet. For this reason, this
last check is particularly important for users with earlier versions of
Windows 95.
Interceptor
Jun 14 2002, 10:02 AM
- How to share folders in Windows securely -
Oxygen3 24h-365d, by Panda Software
Madrid, 8 March 2001 -- In a recent edition of Oxygen3 24h-365d we
recommended being careful with all shared resources in computers
connected to the Internet and setting a password as a minimum security
measure. In today's edition we are going to look at the basic steps for
setting these passwords and some more sophisticated techniques for
protecting systems.
To share a folder simply select it with the right mouse button and from
the drop down menu that appears, select the option "Share..". Then, a
window will appear in which we can indicate the name of the users who
you want to share it with and the type of access allowed ("Read only ";
"Full access"; and "Depends on the password"). In the lower half of this
window there are also boxes for entering the passwords, depending on
what was selected above. (Therefore, for example, one password can be
set for read only and a different one for full access.) If the password
boxes are left empty anyone will be able to access the folder.
Therefore, a password must be set that would be difficult for a
hypothetical attacker to guess.
Another good security measure is to check that the NetBIOS (or the
network protocol that Windows uses to share resources) over the Internet
protocol TCP/IP is not enabled. If NetBIOS is enabled over TCP/IP any
Internet user could try to access shared resources.
In order to check that the option mentioned above is disabled, go to the
desktop and right click on the icon "Network Neighborhood" and select
"Properties". Then, in the new window that will appear, select the
TCP/IP protocol, click on the "Properties" button, select the "NetBIOS"
tab and check that compatibility over TCP/IP is disabled.
In Windows 98 and Windows 95 OSR/2 users will find that the option
appears in gray by default and that it cannot be selected in order to
modify it. Microsoft introduced this protection to prevent shared
resources from being accessible from Internet. For this reason, this
last check is particularly important for users with earlier versions of
Windows 95.