|
PureBytes Links
Trading Reference Links
|
For those with NT and a cable modem, unwanted NetBios access from the
internet to your computer is a significant problem. In fact my Firewall
program may offer little protection in this area. However considerable or
full security against NetBios attacks can be obtained through partially or
fully disabling the Server service, as explained below. NetBios access
seems to be tested under "Test my Shields" on the security link Bob Fulks
posted (copied after my e-mail). At least I received a report that my
computer was "Very Secure" from unwanted NetBios access after running that
test.
If you run this test and don't receive a report that your NetBios access is
"Very Secure", then you might want to read "disabling unwanted NetBios
access" below. I'm not a security expert, but what I found seems to work.
Also this significant NetBios security vulnerability is further explained
under Number 2 "Explain this to me" in the security link Bob Fulks posted.
Note that running "Probe my Ports" on the security link Bob Fulks posted is
a different matter. Running that test did cause my Firewall program to
bring up a number of alerts. Therefore protection from unwanted NetBios
access does NOT prevent another computer on the internet from trying to
access your computer through it's (virtual) Ports. Especially with a
cable modem a Firewall program is needed for that purpose.
Disabling unwanted NetBios access:
The Server service exists to allow other computers to access your computer
over a network. However there is no reason why anyone on the internet
needs to access your computer using NetBios, unless you administer or access
your computer remotely. As I understand it NetBios access over the
internet leaves your computer open to hackers trying to break your password
or trying to figure out enough about your computer configuration as to find
it's vulnerabilities.
With NT I've found security against unwanted NetBios access can be much
improved by first opening Control Panel, the "Network" icon, and the
Bindings Tab. If you have a cable modem, it's especially important to
disable your cable modem network card under "Server". When I used to run
that way with Media One, internet access worked just fine.
However I now completely disable the Server service on my computer used to
access the internet - as explained under "note" at the end. I have never
had a "Blue Screen" or a crash of NT or any such problem changing Server
"Bindings" or disabling the Server service. I have also downloaded at up
to 100 KB/second so there seems to no affect on my internet access, which I
have running all day. However all my experimenting in this area has been
with a cable modem. With dial-up access the WINS Client (TCP/IP) under
Server "Bindings" must be left enabled, but you should be able to disable
everything else.
However disabling your LAN protocol under Server "Bindings" should also
prevent other computers on your LAN from accessing the computer. However
the computer can still access the other computers on the LAN.
Note: Completely disabling the Server service on a computer accessing the
internet with a cable modem:
If you have access the internet through just one (NT) computer with a cable
modem, the most security against unwanted NetBios access is gained by
completely disabling the Server service. That is in Control Panel,
"Services" icon, you change "Startup" to Disabled. I run my computer for
internet access just fine this way. That does however cause NT to display
a message that "it cannot load a Service when I Logon". I have not found
any problems except that one message at logon.
The downside is that completely disabling the Server service also prevents
other computers on your LAN from accessing the computer connected to the
internet. However the computer connected to the internet can see and
access any other computer on your LAN, because they have the Server Service
running. Therefore to copy a file to/from my computer for accessing the
internet, I must do that from the computer connected to the internet. This
is a very minor inconvenience considering the NetBios security obtained.
However if every computer on your LAN has access to the internet through a
cable modem, a service Media One offers for example, than disabling the
Server service on every computer on the LAN defeats the purpose of the LAN.
----- Original Message -----
From: Bob Fulks <bfulks@xxxxxxxxxxxx>
To: <omega-list@xxxxxxxxxx>; <realtraders@xxxxxxxxxxxxxxx>
Sent: Wednesday, December 29, 1999 12:59 PM
Subject: Last Minute Y2K Updates
> 9. Now check your machine for Internet security
>
> Go to Steve Gibson's "Shields Up" web page at:
>
> <http://grc.com/x/ne.dll?bh0bkyd2>
>
> and check you machine. Unless you have a dedicated IP address, you
> should download the "Free IP Agent" before doing the test. There are
> two tests:
>
> Test My Shields!
> Probe My Ports!
>
|