• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 290
  • Last Modified:

Protecting my PC

I'm trying to keep intruders out of my PC from the following sources:

1)  Remoting into my PC through remote desktop, etc.

2)  Connecting to my PC through a VPN to our company network

3)  Getting onto my machine by searching through network neighborhood

Thanks for any help you can give me.
4 Solutions
1) Go to Control Panel -> System -> Remote tab.  Make sure "Allow users to connect remotely to this computer" is NOT checked.

2) Could you clarify a little?  Do you mean a) "I don't want someone to use VPN to connect to our company network, and then use that to connect to my computer" or b) "I don't want someone to use VPN to connect to my computer, and then use that to connect to my company's computer."  If a) - on a basic level, a person connecting to your company's network over VPN will have the same access as they would logging on to a computer at your company.

3) If you have XP Service Pack 2, go to Control Panel -> Windows Firewall -> Exceptions tab.  Make sure "File and Print Sharing" is not checked.
Whether or not you have SP2, you can also do this: In the Address Bar of My Computer or Windows Explorer, type in \\the_name_of_your_computer  This will show you what, if any folders are being shared on the network.  Close this window, and then go back into My Computer or Windows Explorer, find the shared folders (will have a little hand underneath the folder), right click on them, and select Sharing....  Then, select "Do not share this folder."

Other general things:
Use a personal firewall, such as XP SP2's or the free version of ZoneAlarm, if permitted by your company.
Be sure to keep up to date with your Windows Updates to avoid security holes.
RemulacAuthor Commented:
For number 2, I mean that I don't want anyone (other than me) to be able to VPN to our network and then access my computer.
if VPN was not a secure solution it wouldn't be very popular, don't you think?   So I think you're safe there.

Other things: software firewall, always install latest updates, don't browse questionable websites, make sure antivirus is up to  date, review user permissions (yours, other users).

I wonder why you asking?  Is there a bunch of hackers after you or something?

In case you got some info on your computer that's worth millions then keep it offline. :o)
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

RemulacAuthor Commented:
No, I just have a collegue who somehow manages to put prank software on my machine.  It's pretty funny actually.  His latest was to somehow trigger a program that kept opening and shutting my CD drive.  It gets spawned when I try to run TightVNC.

I don't know how he's getting in.  Maybe I made the mistake of not locking my computer when I went rollerblading, and he just loaded it from a floppy or CD.  And all I did to him was put liquid soap in his water glass.  What a sore-head.  

Obviously, to admit I can't fix the problem myself is to admit defeat.  This is not an option.  I need some help going toe-to-toe with this guy when it comes to meaningless techno-pranks.  

Is there a typical place from where this type of software runs?  Also, how can I tell when or how he gets onto my machine?
check the processes that are running, while the program is running and opening and closing the CD.  if you find the the suspicious executable, search for it (but enable "show hidden files" first). That way you can locate the prog. check the msconfig startup progs too.

When someone has physical access to your computer, then I suggest turn off CD and floppy booting and set BIOS password.  there ways of getting into system if you can boot.

There is Bart's XP Bootable CD or something like it, it can boot a complete working windows XP and you can edit registry and do whole bunch of things with the OS that's on the system. It's pretty neat.

Obviuosly if it's not the first time, he's got some kind of back door to your computer.

Install Norton Internet Security suite and do the bios password thing. But for Internet Security do not accept the local network as a safe network. Because it will be accepting local connections.  You can play with firewall settings to restrict access.  Also install a keylogger and check it regularly. There are one that do screenshots too.
If you are unable/disallowed to install either ZoneAlarm, the Norton Internet Security suite, or any other security software, you could try setting up a security policy to audit your computer's security (e.g. logons, access, etc).  For example, you could try checking the event log to see if he has logged on physically at your computer while you were away, or from the network (this would be under the security tab in the event viewer).  Hope this helps.

Rich RumbleSecurity SamuraiCommented:
ZoneAlarm is a good idea, if your stealth your machine, your friend cannot get on your pc, unless he's physically at the console.
If you turn off the Secondary Logon service in the service control panel, remotedesktop will no longer function, you can also specify what accounts can and cannot access RD, right-click my computer, go to Remote, "select remote users" or as stated above, Uncheck remotedesktop.

If you have VNC installed as a service, your friend would be able to vnc into your machine, espically if the remote registry service is running, as he could read HKEY_LOCAL_MACHINE\SOFTWARE\ORL\WINVNC, password key.

But with ZA installed, he won't be able to RD or VNC into your machine any longer, and you can set a password on ZA that he doesn't know, and it should keep him from messing with your PC, or anyone else for that matter. But if ZA isn't an option, turn off remote registry (probably should anyway) and turn off secondary logon.
Get xpantispy to close holes.


Free, simple and effective.

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as high-speed processing of the cloud.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now