Locking Windows
Introduction
Static IPs are part of the persistent-connection
problem, but Windows itself is also to blame.
(Consumer editions of Windows, anyway--NT and
Windows 2000 are a different game entirely.) Windows
95 and 98 are full of security gaps. Here are a few
things you should do to close them up.
What To Do
Turn off file sharing if you don't need it. If
you're not sharing files with other
computers--usually you would do so over a home
network--then disabling this feature closes up
plenty of holes. To ensure file sharing is off,
right-click Network Neighborhood and pick
Properties. Click the button labeled "File and Print
Sharing" and make certain that both boxes in the
resulting dialog box are unchecked.
Set up file sharing carefully if you need to use it.
Right-click Network Neighborhood, choose Properties,
and click "File and Print Sharing." Check the box
next to "I want to give others access to my files."
Next, pick or create a specific folder you'll let
people access, such as c:\My Documents\Photos. In
Windows Explorer, right-click the folder and pick
Sharing from the context menu. In the dialog box
that appears, click the radio button next to Shared
As: and enter a name for the folder in the field to
the right. (The name you choose is the name that
will appear to those who browse the folder over the
network or the Internet).
If you want people to be able to add, remove, or
change documents in the folder, click the Full radio
button under Access Type.
If you want people to be able only to copy or look
at the files in the folder, click the Read Only
radio button.
In either case, be sure to enter a password (no
fewer than four and no more than eight characters)
in the field at the bottom of the dialog box. The
dialog box will allow you to click OK without your
entering a password, but in that case, anybody who
browses the folder will get access to the files
inside.
Monitor your shared folders using the Windows Net
Watcher utility. The app displays all the users
currently connected to shared folders and lets you
disconnect them if necessary. The utility isn't part
of Windows 95 or 98's default installation, but you
can install it from your Windows CD-ROM by following
these steps:
1.Click Start, Settings, Control Panel and open
Add/Remove Programs.
2.Click the Windows Setup tab. In Windows 98, scroll
down the list of setup categories and double-click
System Tools. In Windows 95, find and double-click
Accessories.
3.Check the box next to Net Watcher, and click OK
twice to exit the dialogs.
4.Windows will install Net Watcher. After your
system's rebooted, choose Start, Programs,
Accessories, System Tools, Net Watcher to launch the
utility.
Download system patches. Windows 98 users can head
to the Windows Update Web site to automatically
download security-related patches for their
operating system. If you're still using Windows 95,
you'll have to download each Security Update patch
manually at the Windows 95 Downloads page.
Check your shields. After you've taken the steps
above, the
Shields UP! Web site
(run by Gibson Research
Corporation) can look at your connection to the rest
of the world and let you know if any holes remain.
Drop by and see if you have any further
vulnerabilities. Shields UP! also contains some
extremely in-depth advice regarding Windows
networking settings.
