Solved

Secure PC in Wirelles network

Posted on 2006-11-14
6
296 Views
Last Modified: 2013-12-04
I am going to use internet services from local Wirelless ISP, so I am curious in how would I secure files on my PC, so noone in wirelles network (Not even ISP itself) can see files on my PC. I would like to be invisible to all PC's that are in wirelles network (and internet users too, ofc ourse). I already have installed antivirus and software firewall...

Thanxs in advance
0
Comment
Question by:Priest04
  • 3
  • 3
6 Comments
 
LVL 32

Expert Comment

by:r-k
ID: 17945032
If your goal is to keep others from seeing what is on your PC, just set your firewall to block all access, i.e. in Windows Firewall "check" the box that reads "Don't allow Exceptions".

The above will do what I think you want, but note two major exceptions:

(1) People can still snoop on your network traffic. To prevent that, check that your wireless traffic is encrypted using WPA. Of course, that only protects the traffic that is over the wireless segment, people may still snoop beyond the access point. To prevent the latter you have to use something like VPN etc.

(2) The firewall and encryption and VPN are no use if your PC were to get infected with a trojan or spyware. The most likely ways this can happen is by unsafe web browsing or clicking on email attachments. So be aware of what is running on your PC at all times. Use an updated AV program, plus Windows Defender, but most importantly, be careful what you click on, and don't trust email atachments, and don't run unknown freeware/shareware.
0
 
LVL 18

Author Comment

by:Priest04
ID: 17945719
Ok, I am using internet (dial up) for the last 6 years, so I was aware of the point (2).

Do I need (and is it advisable) to turn of file printer sharing, NetBIOS over TCPIP, and maybe some other services? And about the firewall, when I apply this option "Don't allow Exceptions", how will it reflect on some p2p programs like e emule, and also, if I ever wanted to play a game on the network, I believe I would need to open some ports (never tried it before), so how does it reflect on security? Can those ports be used by "intruders"?

P.S. What firewall would you advise me to use (seeing all the above things)??
0
 
LVL 32

Accepted Solution

by:
r-k earned 250 total points
ID: 17947892
"Do I need (and is it advisable) to turn of file printer sharing, NetBIOS over TCPIP, and maybe some other services? "

Strictly speaking, if your firewall is functioning, these services don't matter. But, if you don't need file/printer sharing, I would defintely turn them off. That way you are protected even if the Firewall were to stop for some reason.

To see what network ports might be open on your machine, open a Command Window (DOS prompt) and type:

  > netstat -ab

"when I apply this option "Don't allow Exceptions", how will it reflect on some p2p programs like e emule..."

Those would definitely get blocked, so you would have to un-check that box, and add exceptions for anything like that. I don't use emule myself, but programs like that are a potential security risk, so you will have to make a judgement about the need for security vs the need to run those programs. When you allow people to get to some files on your system (with emule e.g.) there is always some non-zero risk that a hacker may exploit that to get to other files.

Opening ports is generally very easy with software firewalls. Most of them just prompt you the first time you use a program that needs an open port, and you just click on "Allow" or "Unblock" etc.

It is advisable to be familiar with how to check the Firewall configuration so you can review and turn off anything that was opened unintentionally.

"What firewall would you advise me to use"

Assuming we're talking software firewalls, you can choose between Zonealarm and the XP Firewall. Both work perfectly fine for blocking hackers, but there are a couple of tradeoffs:
 (1) The XP Firewall is easier to use/configure and is less obtrusive, and is free.
 (2) Zonealarm can block traffic in both directions (XP Firewall just blocks incoming)
The advantage of point (2) is that in case some trojan were to get installed on your PC, then Zonealarm will block it from communicating with the outside world (or at least warn you). Also note that the Windows Vista Firewall also has this feature in case you're planning to upgrade anytime soon.

Hope this helps some. I am assuming we're talking about a personal system with average security requirements, and not something highly sensitive, nor a corporate PC. And don't forget regular backups are your best friend when it counts.
0
Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 
LVL 18

Author Comment

by:Priest04
ID: 17954715
r-k, thanxs for all the info. If you would be kind to answer one more question about ZA and the points are yours. I already had zone alarm, so after I joined the wireless ISP, I went on couple of sites to see how secure I am. And they all warned me about two ports being opened: 23 and 2000, and that my PC responds to pinging (ICMP). I have set both Internet and trusted zones to High security. How can I close those two ports and deny ping requests (I have disabled telnet service, which uses 23). I have tired with cusrom settings in ZoneAlarm firewall setings, but with no sucess.

The reason why I am this "melodramatic" is because I am a programmer, so I wouldnt like anyone do get hands on my software, especially the ISP, which like me cells software onr the same market. :)

Thanxs.
0
 
LVL 18

Author Comment

by:Priest04
ID: 17958178
Ok, I didnt pay attention on the IP address that was examined on those sites. It was the IP address of the ISP server (router, or whatever), not my IP address, since we all go over one IP address (as far as I know). Can you tell me what software can I use to check my PC in our wireless network?
0
 
LVL 32

Expert Comment

by:r-k
ID: 17958237
I will send you the ZoneALarm info a bit later, but here is a freeware application (ActivePorts) that lets you examine which ports are open on your local machine:

 http://www.protect-me.com/freeware.html
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Was laptop hacked? 11 102
Adding site to local intranet security. 4 50
Excel file "Document not saved" 8 122
Unable to display time in the powershell script parsing Event Log ? 4 63
Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
In a recent article here at Experts Exchange (http://www.experts-exchange.com/articles/18880/PaperPort-14-in-Windows-10-A-First-Look.html), I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question