The
Home Office and IT Administration Nightmare
Home offices and small networks are becoming part of everyone's way of
life. Even my grandmother has Windows XP running connected to her DSL
connection and a couple other computers for my cousins. These tools
are a little hidden for the average user, that's why it's difficult
for users to implement this. History shows that, if you get used to
protecting your files it will pay off unless you want to wait until
your credit card company calls you or all of a sudden your online
banking account has been hacked.
There are two exceptional tools in Windows XP to protect your connections.
Internet Connection Firewall (ICF) can protect your home and small
office network with a simple click. This tool verifies all the communications
from the outside world to your computer. It allows and denies communications
based on your selection.
The Security Configuration Manager is a management tool used for creating
and configuring security rules for your computer. It lets you review
the your individual security settings, user rights to access the computer,
perform a security analysis and save your security settings so that
you can apply that to other computers.
Internet Connection Firewall
As its name explains, Internet Connection Firewall (ICF) creates an
additional protection layer between the Internet and your computer.
If you have a network, ICF is enabled on the Internet connection of
the workstation that is connected directly to the Internet. All connections
that originate from the Internet are stopped by this tool unless an
explict instruction is given to allow the message to enter the network.
To Enable the Internet Connection Firewall:
1. Click Start, and then point to Settings.
2. Click Control Panel, and then double-click Network Connections.
3. Right click on the connection, and select Properties. Go to Advanced.
4. Select Protect my computer and network by limiting or preventing
access to this computer from the Internet.
Fig 1. Enabling the Windows XP Professional Internet Connection
Firewall.
Don't enable ICF if you are currently using a firewall or proxy server
in your network, or if you are not connected directly to the internet.
You might loose the ability to share files, receive e-mails and connect
to other internal computers. Also, be careful if you are running a
software that requires automatic updates or special connectivity requirements
because ICF will stop that connection.
Security Configuration Manager
The Microsoft Security Configuration Manager is a set of tools that
you can use to configure security for your Windows XP Professional
workstation. It also allows your to create periodic security tests
to ensure that your system security configuration hasn't been changed.
Computer security profiles are provided as a point of reference to
define your security requirements. Users can configure the templates
with the Security Configuration and Analysis snap-in.
All security profiles are stored in the systemroot\Security\Templates
directory.
The most powerful feature is that once you configure a security profile
you can apply it to other computers in your network by just using
the Secedit.exe command or by importing the template with the Security
Configuration and Analysis snap-in.
To Import a Security Template:
- Click Start, and then point to Programs and select
Administrative Tools..
- Click Local Security Policy, and then right click under
Security Settings.
- Select Import Policy... and import the file.
Fig 2. Importing Security Policies on Windows XP Professional.
Microsoft Windows XP provides tools that can automatically configure
rules and prevent unauthorized access to individual computers. The
Security Configuration Manager can save you a lot of time by copying
security configurations between computers. To protect external connections,
Internet Connection Firewall does a great job stoping connections
from unwanted users. Use these tools and you will be safe with little
effort.
*Originally published at 2000Trainers.com
About the Author:
Leonard Loro, MCSE, MCSD, ISS, MCT, CCNA, is a recognized e-Business
specialist. His experience includes engaging, managing and implementing
large consulting projects for government agencies and companies like
Microsoft, Nissan as well as other Fortune 500's. Leonard can be reached
at Leonardo.loro@enresource.com.
Read
this newsletter at: http://www.securitypronews.com/2004/0107.html |
|
| From the Forum: | | Linux for everything? |  Many people say that everything we can do in Windows we can do in Linux.
1. Is this true?
2. Is there anything like Dream Weaver for Linux? I love Dream Weaver.
What are your thoughts on this
...
|
 |
By
Leonard Loro