Re: User Conectivity at Home
- From: Chuck <none@xxxxxxxxxxx>
- Date: Wed, 27 Dec 2006 10:20:00 -0800
On Wed, 27 Dec 2006 09:44:00 -0800, Jim <Jim@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
"Chuck" wrote:
On Wed, 27 Dec 2006 09:00:02 -0800, Jim <Jim@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
I have a small workgroup network at home. My primary system is the
repository for my wife and son's information (photos, music, etc.).
I am very concerned about outside influences (i.e. internet traffic) that
may have access to the data.
Right now, access rights are setup for "everyone" for those folders that
they have access to. However, since I preach security to my family, their
systems are all secured via profiles and passwords. It seems to me that
having a shared folder setup for "everyone" is a breach of such security.
The real question(s):
1) Do I have anything to worry about from the outside world?
2) If so, is there a way to define a user profile on my home system, without
granting general access to the other profiles or having them show up on the
"Welcome" screen (or even being able to signin locally)? - I don't care if
they have access, its just that they have their own systems and prefer not to
mess with mine - so if I have to define them and they show up, that's ok,
just a inconvenience for me since I have to make sure I'm accessing the right
profile every time I get on anyway.
Thanks for your help.
Jim,
If your network is behind a NAT router, then your file sharing is more or less
safe right now. There are no known exploits that will breach a NAT router, bar
a malware infection opening a door from the inside.
Practice layered security on all computers, and you should be OK there.
<http://nitecruzr.blogspot.com/2005/05/please-protect-yourself-layer-your.html>
http://nitecruzr.blogspot.com/2005/05/please-protect-yourself-layer-your.html
Is your entire LAN Ethernet based, or does it have any WiFi? If completely
Ethernet, then you can simply trust the network to the extent that each of you
can trust the other.
User Profiles are where personal data is stored. This is accessible to the
account owner (and maybe to administrators, if applicable).
A designated folder for sharing to "Everyone" isn't a breach of security, it's
common sense. You have a folder for Everyone, and other folders for yourself.
Having this separation encourages you to keep your private data private.
You can setup userids on your computer, to grant access to specific people thru
the network, without allowing them desktop access (local login). Network access
and local access can be two separate privileges. If you're going to have a lot
of different people sharing specific data on your computer, though, you'd be
better off in the long run setting up a domain.
<http://nitecruzr.blogspot.com/2006/01/proper-network-design.html#Domain>
http://nitecruzr.blogspot.com/2006/01/proper-network-design.html#Domain
Thank you sir. This is great news to me, and very helpful. You have
answered my questions, and I'll go forward from here.
Again, thank you for your time Sir.
Glad to help, Jim. Ask more questions as the details occur to you. Windows
Networking, and security, are incredibly intricate subjects.
--
Cheers,
Chuck, MS-MVP [Windows - Networking]
http://nitecruzr.blogspot.com/
Paranoia is not a problem, when it's a normal response from experience.
My email is AT DOT
actual address pchuck mvps org.
.
- References:
- Re: User Conectivity at Home
- From: Chuck
- Re: User Conectivity at Home
- From: Jim
- Re: User Conectivity at Home
- Prev by Date: Re: User Conectivity at Home
- Next by Date: Re: Network File Sharing Problem
- Previous by thread: Re: User Conectivity at Home
- Next by thread: Network File Sharing Problem
- Index(es):
Relevant Pages
|
