RE: Lock down Win2K Box on a LAN?
- From: v-tomche@xxxxxxxxxxxxxxxxxxxx (Tom Che [MSFT])
- Date: Mon, 11 Jul 2005 01:51:15 GMT
Hi Geoff,
Thanks for posting here. Also thanks for all guys' wonderful replies.
Geoff, from your post, my understanding of this issue is: You want to know
how to lock down a computer in a LAN, and it needs to be on the LAN to
connect to the Internet, but it doesn't access any network resources and it
doesn't provide any. If this is not correct, please feel free to let me
know.
If all you need is just you mentioned, I think both your approach (disable
Server service) and unbinding 'File and Printer Sharing' as Dave mentioned
are simple and acceptable ideas. Of course, other guys' suggestions may
make this machine safer. However, I would remind you to avoid the security
risk from Internet. A set of effective and strong Firewall software or
settings on the server side or the client side may be helpful.
Hope this helps!
Have a nice day!
Sincerely,
Tom Che
Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security
=====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
>From: "Geoff Glave" <nospam@xxxxxxxxxx>
>Newsgroups:
microsoft.public.win2000.general,microsoft.public.win2000.networking,microso
ft.public.win2000.security
>Subject: Lock down Win2K Box on a LAN?
>Lines: 22
>X-Priority: 3
>X-MSMail-Priority: Normal
>X-Newsreader: Microsoft Outlook Express 6.00.2800.1506
>X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2800.1506
>Message-ID: <L9Zze.144358$on1.16483@clgrps13>
>Date: Sat, 09 Jul 2005 23:34:03 GMT
>NNTP-Posting-Host: 206.116.210.17
>X-Trace: clgrps13 1120952043 206.116.210.17 (Sat, 09 Jul 2005 17:34:03 MDT)
>NNTP-Posting-Date: Sat, 09 Jul 2005 17:34:03 MDT
>Path:
TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!newsfeed00.sul.t-online.de!t-onli
ne.de!border2.nntp.dca.giganews.com!nntp.giganews.com!atl-c02.usenetserver.c
om!newsfeed.telusplanet.net!newsfeed.telus.net!clgrps13.POSTED!53ab2750!not-
for-mail
>Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.win2000.networking:25363
microsoft.public.win2000.security:14428
microsoft.public.win2000.general:58593
>X-Tomcat-NG: microsoft.public.win2000.networking
>
>Hi Everyone,
>
>I'd like to lock down a Windows 2000 Pro box on a LAN. It needs to be on
>the LAN to connect to the Internet, but that's it - It doesn't access any
>network resources and it doesn't provide any.
>
>I'd like no one else on the LAN to be able to connect to it, or ideally
even
>see it.
>
>It strikes me that a simple way to do this would be to disable the SERVER
>service. Is this a good approach? Are there any other services I could /
>should disable? Or is my approach a bad one. The computer itself is
>physically secure in a locked office.
>
>Thanks in advance.
>
>Cheers,
>Geoff Glave
>geoff at glave dot org
>Vancouver, Canada
>
>
>
.
- Prev by Date: Remote Registry Port
- Next by Date: Couldnot reconnect all the network hard drive ?
- Previous by thread: Remote Registry Port
- Next by thread: Couldnot reconnect all the network hard drive ?
- Index(es):
Relevant Pages
|
