broadband security

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

The possibility of broadband has finally arrived to the residential area I
live in and I will soon be setup with Cox for broadband. So I am
considering security implications.

The PC that will be connected to the cable modem is part of a 4 PC home
wireless network. All 4 PCs in the wireless network have Zone Alarm (as
well as virus and spyware defenses) but are linked to each other in Peer to
Peer connections without a wireless router.

I am assuming that the cable modem will have a built in hardware firewall
(but maybe not). I am wondering how much of the data in the other PCs
connecting to the PC with the cable modem might be at risk through the
broadband. Is that a concern? What should I do to protect the data on the
other PCs linked by wireless since some of the folders are obviously shared
on the wireless network.

Thanks for any advice and help.


--

Jeff
Jeff@falsepart.com
15 answers Last reply
More about broadband security
  1. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    "Jeff" <jeff@naol.com> wrote in message
    news:eL5%23mygmFHA.3300@TK2MSFTNGP15.phx.gbl...
    > The possibility of broadband has finally arrived to the residential area I
    > live in and I will soon be setup with Cox for broadband. So I am
    > considering security implications.
    >
    > The PC that will be connected to the cable modem is part of a 4 PC home
    > wireless network. All 4 PCs in the wireless network have Zone Alarm (as
    > well as virus and spyware defenses) but are linked to each other in Peer
    > to Peer connections without a wireless router.
    >
    > I am assuming that the cable modem will have a built in hardware firewall
    > (but maybe not). I am wondering how much of the data in the other PCs
    > connecting to the PC with the cable modem might be at risk through the
    > broadband. Is that a concern? What should I do to protect the data on
    > the other PCs linked by wireless since some of the folders are obviously
    > shared on the wireless network.
    >
    > Thanks for any advice and help.
    >
    >

    Most cable modems do not have a built in firewall. Get a wireless router and
    hook the modem up to it. Routers with a built in firewall can be had for
    less than $100.00.

    Kerry
  2. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    Here's what you can do to enhance the security on your PC
    http://www.microsoft.com/athome/security/protect/windowsxpsp2/Default.mspx

    Internet firewalls: Frequently asked questions
    http://www.microsoft.com/athome/security/protect/firewall.mspx

    Antivirus software: Frequently asked questions
    http://www.microsoft.com/athome/security/protect/antivirus.mspx

    --
    Carey Frisch
    Microsoft MVP
    Windows XP - Shell/User
    Microsoft Newsgroups

    -------------------------------------------------------------------------------------------

    "Jeff" wrote:

    | The possibility of broadband has finally arrived to the residential area I
    | live in and I will soon be setup with Cox for broadband. So I am
    | considering security implications.
    |
    | The PC that will be connected to the cable modem is part of a 4 PC home
    | wireless network. All 4 PCs in the wireless network have Zone Alarm (as
    | well as virus and spyware defenses) but are linked to each other in Peer to
    | Peer connections without a wireless router.
    |
    | I am assuming that the cable modem will have a built in hardware firewall
    | (but maybe not). I am wondering how much of the data in the other PCs
    | connecting to the PC with the cable modem might be at risk through the
    | broadband. Is that a concern? What should I do to protect the data on the
    | other PCs linked by wireless since some of the folders are obviously shared
    | on the wireless network.
    |
    | Thanks for any advice and help.
    |
    |
    | --
    |
    | Jeff
  3. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    From: "Jeff" <jeff@naol.com>

    | The possibility of broadband has finally arrived to the residential area I
    | live in and I will soon be setup with Cox for broadband. So I am
    | considering security implications.
    |
    | The PC that will be connected to the cable modem is part of a 4 PC home
    | wireless network. All 4 PCs in the wireless network have Zone Alarm (as
    | well as virus and spyware defenses) but are linked to each other in Peer to
    | Peer connections without a wireless router.
    |
    | I am assuming that the cable modem will have a built in hardware firewall
    | (but maybe not). I am wondering how much of the data in the other PCs
    | connecting to the PC with the cable modem might be at risk through the
    | broadband. Is that a concern? What should I do to protect the data on the
    | other PCs linked by wireless since some of the folders are obviously shared
    | on the wireless network.
    |
    | Thanks for any advice and help.
    |
    | --
    |
    | Jeff
    | Jeff@falsepart.com
    |

    To add to the security of any SOHO Router I suggest going into the Router and block both TCP
    and UDP ports 135 ~ 139 and 445. This will help keep hackers and Internet worms out and MS
    Networking information from leaking out.

    You also have to take all measures to secure your wireless access point. You have to make
    sure that no one can drive up in front of your house with a wireless notebook and get a
    connection. Such practices are common and is know as "war driving". That person might
    steal personal information from you or do something nefarious and you would be responsible
    for that person's actions. That is why it would be imperative to secure the Wireless
    Internet connectivity. Such measures are using Wireless Encryption Protocol (WEP) and only
    allowing specified MAC addresses access to the wireless network. You must also realize that
    even if you have a router with a "true" FireWall and block the ports I indicated, if you
    don't secure the wireless network then a miscreant will access your network and will be
    behind the FireWall (Aka, being within the enclave).

    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    http://www.ik-cs.com/got-a-virus.htm
  4. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    David H. Lipman wrote:
    > To add to the security of any SOHO Router I suggest going into the
    > Router and block both TCP and UDP ports 135 ~ 139 and 445. This will
    > help keep hackers and Internet worms out and MS Networking
    > information from leaking out.
    >
    > You also have to take all measures to secure your wireless access
    > point. You have to make sure that no one can drive up in front of
    > your house with a wireless notebook and get a connection. Such
    > practices are common and is know as "war driving". That person might
    > steal personal information from you or do something nefarious and you
    > would be responsible for that person's actions. That is why it would
    > be imperative to secure the Wireless Internet connectivity. Such
    > measures are using Wireless Encryption Protocol (WEP) and only
    > allowing specified MAC addresses access to the wireless network. You
    > must also realize that even if you have a router with a "true"
    > FireWall and block the ports I indicated, if you don't secure the
    > wireless network then a miscreant will access your network and will
    > be behind the FireWall (Aka, being within the enclave).

    I already have changed the SSID to a weird one and use WEP (these adapters
    are 2.4 and do not have WPA capability). Is that OK?

    Thanks for all the advice. I will try to follow it.


    --

    Jeff
    Jeff@falsepart.com
  5. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    From: "Jeff" <jeff@naol.com>


    |
    | I already have changed the SSID to a weird one and use WEP (these adapters
    | are 2.4 and do not have WPA capability). Is that OK?
    |
    | Thanks for all the advice. I will try to follow it.
    |
    | --
    |
    | Jeff
    | Jeff@falsepart.com
    |

    It's a good start. Read up on the subject and the manual and do what you can.

    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    http://www.ik-cs.com/got-a-virus.htm
  6. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    In article <uIfvsAhmFHA.1948@TK2MSFTNGP12.phx.gbl>, kerry@kdbNOSPAMsys-
    tems.c*a*m says...
    > "Jeff" <jeff@naol.com> wrote in message
    > news:eL5%23mygmFHA.3300@TK2MSFTNGP15.phx.gbl...
    > > The possibility of broadband has finally arrived to the residential area I
    > > live in and I will soon be setup with Cox for broadband. So I am
    > > considering security implications.
    > >
    > > The PC that will be connected to the cable modem is part of a 4 PC home
    > > wireless network. All 4 PCs in the wireless network have Zone Alarm (as
    > > well as virus and spyware defenses) but are linked to each other in Peer
    > > to Peer connections without a wireless router.
    > >
    > > I am assuming that the cable modem will have a built in hardware firewall
    > > (but maybe not). I am wondering how much of the data in the other PCs
    > > connecting to the PC with the cable modem might be at risk through the
    > > broadband. Is that a concern? What should I do to protect the data on
    > > the other PCs linked by wireless since some of the folders are obviously
    > > shared on the wireless network.
    > >
    > > Thanks for any advice and help.
    > >
    > >
    >
    > Most cable modems do not have a built in firewall. Get a wireless router and
    > hook the modem up to it. Routers with a built in firewall can be had for
    > less than $100.00.

    I agree with getting a NAT Router as a barrier device between the
    DSL/Cable modem and the computer/network, it's a no-brainer and should
    be done by all ISP's when the person subscribes.

    The only disagreement is in the "firewall" term. Most of the sub-$100
    devices are not firewalls, they are just NAT Routers that appear to have
    Firewall-Like features and actually only provide their base protection
    by means of NAT, not by true firewall methods.


    --

    spam999free@rrohio.com
    remove 999 in order to email me
  7. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    Sorry for top posting, but if I understand what you are saying (I am a total
    novice at this) is that rather than connect the wireless network as I now
    have it (simple peer to peer) I should modify it by purchasing a wireless
    router which, if I understand you correctly, I should then interpose between
    the cable modem and all the PCs that connect through it. Did I understand
    correctly?

    Does this mean I then need to disable the peer to peer wireless setup I now
    have (it took me forever to get it working <grin>) and replace it with the
    other type of wireless (not peer to peer)? On my present home wireless
    network I have changed the standard SSID and use WEP. The adapters do not
    have WPA capability.

    I already own an unused Dlink DI 514 wireless router. Is that adequate as
    the router to interpose between the cable modem and the network? If not what
    should I be getting? This is a 2.4 Ghz network and I am not in the markket
    to replace all the adapters.

    Thank you for the help. (I'll have to look up the difference between NAT and
    true firewall).


    --

    Jeff
    Jeff@falsepart.com

    Leythos wrote:
    > In article <uIfvsAhmFHA.1948@TK2MSFTNGP12.phx.gbl>,
    > kerry@kdbNOSPAMsys- tems.c*a*m says...
    >> "Jeff" <jeff@naol.com> wrote in message
    >> news:eL5%23mygmFHA.3300@TK2MSFTNGP15.phx.gbl...
    >>> The possibility of broadband has finally arrived to the residential
    >>> area I live in and I will soon be setup with Cox for broadband. So
    >>> I am considering security implications.
    >>>
    >>> The PC that will be connected to the cable modem is part of a 4 PC
    >>> home wireless network. All 4 PCs in the wireless network have Zone
    >>> Alarm (as well as virus and spyware defenses) but are linked to
    >>> each other in Peer to Peer connections without a wireless router.
    >>>
    >>> I am assuming that the cable modem will have a built in hardware
    >>> firewall (but maybe not). I am wondering how much of the data in
    >>> the other PCs connecting to the PC with the cable modem might be at
    >>> risk through the broadband. Is that a concern? What should I do
    >>> to protect the data on the other PCs linked by wireless since some
    >>> of the folders are obviously shared on the wireless network.
    >>>
    >>> Thanks for any advice and help.
    >>>
    >>>
    >>
    >> Most cable modems do not have a built in firewall. Get a wireless
    >> router and hook the modem up to it. Routers with a built in firewall
    >> can be had for less than $100.00.
    >
    > I agree with getting a NAT Router as a barrier device between the
    > DSL/Cable modem and the computer/network, it's a no-brainer and should
    > be done by all ISP's when the person subscribes.
    >
    > The only disagreement is in the "firewall" term. Most of the sub-$100
    > devices are not firewalls, they are just NAT Routers that appear to
    > have Firewall-Like features and actually only provide their base
    > protection
    > by means of NAT, not by true firewall methods.
  8. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    In article <uO$XhxhmFHA.572@TK2MSFTNGP15.phx.gbl>, jeff@naol.com says...
    > Sorry for top posting, but if I understand what you are saying (I am a total
    > novice at this) is that rather than connect the wireless network as I now
    > have it (simple peer to peer) I should modify it by purchasing a wireless
    > router which, if I understand you correctly, I should then interpose between
    > the cable modem and all the PCs that connect through it. Did I understand
    > correctly?
    >
    > Does this mean I then need to disable the peer to peer wireless setup I now
    > have (it took me forever to get it working <grin>) and replace it with the
    > other type of wireless (not peer to peer)? On my present home wireless
    > network I have changed the standard SSID and use WEP. The adapters do not
    > have WPA capability.
    >
    > I already own an unused Dlink DI 514 wireless router. Is that adequate as
    > the router to interpose between the cable modem and the network? If not what
    > should I be getting? This is a 2.4 Ghz network and I am not in the markket
    > to replace all the adapters.
    >
    > Thank you for the help. (I'll have to look up the difference between NAT and
    > true firewall).

    I don't think I saw the post where you mentioned having a Wireless
    router and I was replying to another reply about it.

    With a DI514 wireless router, if that's what it's called, and I didn't
    look it up, you should see the following:

    1) Cable/DSL connection from ISP hardware to your DI-514
    2) Inside the DI-514 there is something that relates to DHCP and your
    internal LAN subnet (like 192.168.1.x or 192.168.0.x....)
    3) If you check the IP on your laptop (or wireless client) and it's
    something like 192.168.x.y then you are using NAT built into the
    wireless device (DI-514).

    If you have an IP like 24.95.x.y or 64.y.d.s or something other than
    192.168.x.y or 10.x.y.z then you may be in Bridge mode and have a full
    open public connection, and anyone can get directly to your laptop.

    Changing the SSID, disable it's broadcasting, enabling WPA or WEP if you
    can't do WPA, etc... all the minimum needed.

    --

    spam999free@rrohio.com
    remove 999 in order to email me
  9. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    On Fri, 5 Aug 2005 20:16:26 -0400, "Jeff" <jeff@naol.com> wrote:
    >David H. Lipman wrote:

    >> You also have to take all measures to secure your wireless access

    Yep. Why bother to hack via the 'net if you can tune into as a member
    of your LAN, and bypass all Internet-facting defences entirely?

    >I already have changed the SSID to a weird one and use WEP (these adapters
    >are 2.4 and do not have WPA capability). Is that OK?

    Not very - WEP is breakable. Personally, I'd rather have to plug in
    bits of wire than trust WiFi "security", but that's just me.

    Also, you prolly have hidden admins shares exposing the whole of all
    HDs to writes, so an attacker can easily drop code into (say) a
    Startup group and be up and running after you restart Windows.

    XP Home is said not to expose these hidden admin shares.
    XP Pro is said not to expose them if the account password is blank.
    XP Pro will expose them if you have an account password.
    XP Tasks won't run if account password is blank.

    See where this is leading to? Users are likely to use a trivial
    account password in order to get Tasks to run (the only way, in
    pre-SP2 XP) and then hide the need to use the password via TweakUI
    Autologin etc. and then forget about it -> rape via admin shares.


    >------------ ----- ---- --- -- - - - -
    The most accurate diagnostic instrument
    in medicine is the Retrospectoscope
    >------------ ----- ---- --- -- - - - -
  10. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    "cquirke (MVP Windows shell/user)" <cquirkenews@nospam.mvps.org> wrote in
    message news:pjqrf191g1o9pq54bg9kirqcs3m03ogn73@4ax.com...
    >
    > Also, you prolly have hidden admins shares exposing the whole of all
    > HDs to writes, so an attacker can easily drop code into (say) a
    > Startup group and be up and running after you restart Windows.
    >
    > XP Home is said not to expose these hidden admin shares.
    > XP Pro is said not to expose them if the account password is blank.
    > XP Pro will expose them if you have an account password.
    > XP Tasks won't run if account password is blank.
    >
    > See where this is leading to? Users are likely to use a trivial
    > account password in order to get Tasks to run (the only way, in
    > pre-SP2 XP) and then hide the need to use the password via TweakUI
    > Autologin etc. and then forget about it -> rape via admin shares.

    Now that is very worrisome. I'm on XP Home SP-2. How do I find out about my
    hidden admins shares (whatever they are) and how do I make them secure?

    Thanks.

    Jeff
  11. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    "Jeff" <jeff@naol.com> wrote in message
    news:O9%23GkrEoFHA.320@TK2MSFTNGP09.phx.gbl...
    >
    > "cquirke (MVP Windows shell/user)" <cquirkenews@nospam.mvps.org> wrote in
    > message news:pjqrf191g1o9pq54bg9kirqcs3m03ogn73@4ax.com...
    >>
    >> Also, you prolly have hidden admins shares exposing the whole of all
    >> HDs to writes, so an attacker can easily drop code into (say) a
    >> Startup group and be up and running after you restart Windows.
    >>
    >> XP Home is said not to expose these hidden admin shares.
    >> XP Pro is said not to expose them if the account password is blank.
    >> XP Pro will expose them if you have an account password.
    >> XP Tasks won't run if account password is blank.
    >>
    >> See where this is leading to? Users are likely to use a trivial
    >> account password in order to get Tasks to run (the only way, in
    >> pre-SP2 XP) and then hide the need to use the password via TweakUI
    >> Autologin etc. and then forget about it -> rape via admin shares.
    >
    > Now that is very worrisome. I'm on XP Home SP-2. How do I find out about
    > my hidden admins shares (whatever they are) and how do I make them secure?
    >

    Use strong passwords on all accounts including Guest and especially
    Adminstrator.

    http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/ua_password_create.mspx

    Kerry
  12. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    "Kerry Brown" <kerry@kdbNOSPAMsys-tems.c*a*m> wrote in message
    news:urYd57FoFHA.1204@TK2MSFTNGP12.phx.gbl...
    > "Jeff" <jeff@naol.com> wrote in message
    > news:O9%23GkrEoFHA.320@TK2MSFTNGP09.phx.gbl...
    >>
    >> "cquirke (MVP Windows shell/user)" <cquirkenews@nospam.mvps.org> wrote in
    >> message news:pjqrf191g1o9pq54bg9kirqcs3m03ogn73@4ax.com...
    >>>
    >>> Also, you prolly have hidden admins shares exposing the whole of all
    >>> HDs to writes, so an attacker can easily drop code into (say) a
    >>> Startup group and be up and running after you restart Windows.
    >>>
    >>> XP Home is said not to expose these hidden admin shares.
    >>> XP Pro is said not to expose them if the account password is blank.
    >>> XP Pro will expose them if you have an account password.
    >>> XP Tasks won't run if account password is blank.
    >>>
    >>> See where this is leading to? Users are likely to use a trivial
    >>> account password in order to get Tasks to run (the only way, in
    >>> pre-SP2 XP) and then hide the need to use the password via TweakUI
    >>> Autologin etc. and then forget about it -> rape via admin shares.
    >>
    >> Now that is very worrisome. I'm on XP Home SP-2. How do I find out about
    >> my hidden admins shares (whatever they are) and how do I make them
    >> secure?
    >>
    >
    > Use strong passwords on all accounts including Guest and especially
    > Adminstrator.
    >
    > http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/ua_password_create.mspx
    >
    > Kerry

    Yes I know. But how do I find out about my "hidden admin shares" and what
    that is?

    Jeff
  13. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    Open a command prompt and type in "net share" without the quotes.

    --

    Cheers,
    Tinkerer


    "Jeff" <jeff@naol.com> wrote in message
    news:OjX$WKKoFHA.572@TK2MSFTNGP15.phx.gbl...

    "Kerry Brown" <kerry@kdbNOSPAMsys-tems.c*a*m> wrote in message
    news:urYd57FoFHA.1204@TK2MSFTNGP12.phx.gbl...
    > "Jeff" <jeff@naol.com> wrote in message
    > news:O9%23GkrEoFHA.320@TK2MSFTNGP09.phx.gbl...
    >>
    >> "cquirke (MVP Windows shell/user)" <cquirkenews@nospam.mvps.org> wrote in
    >> message news:pjqrf191g1o9pq54bg9kirqcs3m03ogn73@4ax.com...
    >>>
    >>> Also, you prolly have hidden admins shares exposing the whole of all
    >>> HDs to writes, so an attacker can easily drop code into (say) a
    >>> Startup group and be up and running after you restart Windows.
    >>>
    >>> XP Home is said not to expose these hidden admin shares.
    >>> XP Pro is said not to expose them if the account password is blank.
    >>> XP Pro will expose them if you have an account password.
    >>> XP Tasks won't run if account password is blank.
    >>>
    >>> See where this is leading to? Users are likely to use a trivial
    >>> account password in order to get Tasks to run (the only way, in
    >>> pre-SP2 XP) and then hide the need to use the password via TweakUI
    >>> Autologin etc. and then forget about it -> rape via admin shares.
    >>
    >> Now that is very worrisome. I'm on XP Home SP-2. How do I find out about
    >> my hidden admins shares (whatever they are) and how do I make them
    >> secure?
    >>
    >
    > Use strong passwords on all accounts including Guest and especially
    > Adminstrator.
    >
    > http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/ua_password_create.mspx
    >
    > Kerry

    Yes I know. But how do I find out about my "hidden admin shares" and what
    that is?

    Jeff
  14. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    Tinkerer wrote:
    > Open a command prompt and type in "net share" without the quotes.

    Thanks Tinkerer. I did as you said on my laptop and got:
    ...............................
    Share name: IPC$
    Resource: (The column is blank)
    Remark: Remote IPC

    The Command completed successfully.
    ................................

    Not sure what that means, good or bad? <grin>

    Jeff

    > "Kerry Brown" <kerry@kdbNOSPAMsys-tems.c*a*m> wrote in message
    > news:urYd57FoFHA.1204@TK2MSFTNGP12.phx.gbl...
    >> "Jeff" <jeff@naol.com> wrote in message
    >> news:O9%23GkrEoFHA.320@TK2MSFTNGP09.phx.gbl...
    >>>
    >>> "cquirke (MVP Windows shell/user)" <cquirkenews@nospam.mvps.org>
    >>> wrote in
    >>> message news:pjqrf191g1o9pq54bg9kirqcs3m03ogn73@4ax.com...
    >>>>
    >>>> Also, you prolly have hidden admins shares exposing the whole of
    >>>> all
    >>>> HDs to writes, so an attacker can easily drop code into (say) a
    >>>> Startup group and be up and running after you restart Windows.
    >>>>
    >>>> XP Home is said not to expose these hidden admin shares.
    >>>> XP Pro is said not to expose them if the account password is blank.
    >>>> XP Pro will expose them if you have an account password.
    >>>> XP Tasks won't run if account password is blank.
    >>>>
    >>>> See where this is leading to? Users are likely to use a trivial
    >>>> account password in order to get Tasks to run (the only way, in
    >>>> pre-SP2 XP) and then hide the need to use the password via TweakUI
    >>>> Autologin etc. and then forget about it -> rape via admin shares.
    >>>
    >>> Now that is very worrisome. I'm on XP Home SP-2. How do I find out
    >>> about
    >>> my hidden admins shares (whatever they are) and how do I make them
    >>> secure?
    >>>
    >>
    >> Use strong passwords on all accounts including Guest and especially
    >> Adminstrator.
    >>
    >> http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/ua_password_create.mspx
    >>
    >> Kerry
    >
    > Yes I know. But how do I find out about my "hidden admin shares" and
    > what
    > that is?
    >
    > Jeff
  15. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    Sorry I missed this before Jeff. I assume cquirke has answered your
    questions...:-)

    --

    Cheers,
    Tinkerer


    "Jeff" <jeff@naol.com> wrote in message
    news:u0g6TDRoFHA.2156@TK2MSFTNGP09.phx.gbl...
    Tinkerer wrote:
    > Open a command prompt and type in "net share" without the quotes.

    Thanks Tinkerer. I did as you said on my laptop and got:
    ...............................
    Share name: IPC$
    Resource: (The column is blank)
    Remark: Remote IPC

    The Command completed successfully.
    ................................

    Not sure what that means, good or bad? <grin>

    Jeff

    > "Kerry Brown" <kerry@kdbNOSPAMsys-tems.c*a*m> wrote in message
    > news:urYd57FoFHA.1204@TK2MSFTNGP12.phx.gbl...
    >> "Jeff" <jeff@naol.com> wrote in message
    >> news:O9%23GkrEoFHA.320@TK2MSFTNGP09.phx.gbl...
    >>>
    >>> "cquirke (MVP Windows shell/user)" <cquirkenews@nospam.mvps.org>
    >>> wrote in
    >>> message news:pjqrf191g1o9pq54bg9kirqcs3m03ogn73@4ax.com...
    >>>>
    >>>> Also, you prolly have hidden admins shares exposing the whole of
    >>>> all
    >>>> HDs to writes, so an attacker can easily drop code into (say) a
    >>>> Startup group and be up and running after you restart Windows.
    >>>>
    >>>> XP Home is said not to expose these hidden admin shares.
    >>>> XP Pro is said not to expose them if the account password is blank.
    >>>> XP Pro will expose them if you have an account password.
    >>>> XP Tasks won't run if account password is blank.
    >>>>
    >>>> See where this is leading to? Users are likely to use a trivial
    >>>> account password in order to get Tasks to run (the only way, in
    >>>> pre-SP2 XP) and then hide the need to use the password via TweakUI
    >>>> Autologin etc. and then forget about it -> rape via admin shares.
    >>>
    >>> Now that is very worrisome. I'm on XP Home SP-2. How do I find out
    >>> about
    >>> my hidden admins shares (whatever they are) and how do I make them
    >>> secure?
    >>>
    >>
    >> Use strong passwords on all accounts including Guest and especially
    >> Adminstrator.
    >>
    >> http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/ua_password_create.mspx
    >>
    >> Kerry
    >
    > Yes I know. But how do I find out about my "hidden admin shares" and
    > what
    > that is?
    >
    > Jeff
Ask a new question

Read More

Broadband Security Wireless Network Windows XP