• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 137
  • Last Modified:

lock files for users from inet

hi

how do i lock the access to files, i shared for network users, for internet users?
what is the best way to do that?

i'm using w2k pro on this PC
0
reggler
Asked:
reggler
  • 7
  • 5
  • 2
1 Solution
 
AvonWyssCommented:
Don't bind the Microsoft Network Client to the adapter you're using to connect to the internet. However, if this is the very same adapter, you cannot do this so that you'd have to fall back to some firewall software.

Of course, as long as the Guest account remains disabled, anonymous access is not permitted so that your files can only be accessed when properly authenticated.

If your drive is formatted with NTFS, you can also enforce security by setting specific file access rights so that only the users supposed to allowed to read your files can access them.
0
 
regglerAuthor Commented:
if i will use a firewall, what ports do i have to disable for that?
0
 
AvonWyssCommented:
Best thing is to close all ports except the ones you need (incoming). For most private users, it's okay to completely close the PC except for outbound connections and some special ones which are triggered by outoing connections (FTP-Data, ICQ...).
0
How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

 
regglerAuthor Commented:
okay, and then there is no danger for my shared files and folders?
0
 
AvonWyssCommented:
If it's properly configured, no.
0
 
regglerAuthor Commented:
what means properly?
if i closed all unused ports?
0
 
AvonWyssCommented:
go give you better advice, it would be usefulk to know more about your configuration:
* how do you access the internet?
* do you have a separate LAN card for the internal network?
* are you using any protocols but TCP/IP?
* is the guest account enabled?
* are you using NTFS on your drives?
0
 
regglerAuthor Commented:
-i access the internet over dial-up connection (ISDN)
-i have seperate LAN adapter for my network
-no, i'm only using TCP/IP
-yes, guets account is enabled
-on the server (file server, router, firewall) i'm using NTFS, on one workstation i also use NTFS and on two others i use FAT32
0
 
AvonWyssCommented:
Is the server W2K Pro or Server? If it is server, how are you sharing the internet connection (ICS or NAT)?

As general rule, computers "behind" the ICS or NAT cannot be accessed directly, so you don't have to worry about their security in the first place but only the one of the server (of course it's also good to make precausions in the internal network, also to prevent damage by malicious programs) which connects to the net.

By default, Dial-Up entries have no binding to the FIle&Printer sharing, meaning that you cannot access these services from within the internat. However, depending on the settings you made, this is possible.
0
 
regglerAuthor Commented:
okay, i'm using w2k pro an the server....
okay....thx for intormations.
0
 
AvonWyssCommented:
Ok. In Pro, you can check the bindings of the Dial-Up adapter as follows:
"Start" -> "Settings" -> "Network", open the properties of your Internet-connection, click on "Network". The "File and printer sharing" should NOT be activated in order to avoid people accessing your shares from within the net. Note that the vers same setting must be checked in the properties of your LAN connection.
0
 
modderCommented:
reggler and RideOn are duplicate accounts and have been closed.

Please advise as to who should get the points.

modder
Community Support
0
 
AvonWyssCommented:
Since I was the only expert writing in this Q, I guess there's not much to discuss about who gets the points ;-)
0
 
modderCommented:
:P
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 7
  • 5
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now