From: RB on 28 Feb 2010 11:14 Does implementing logon password protection offer any protection against an online virus or Trojan attack? Or does it only prevent local physical (or Lan) users from unauthorized access ? What does the term "common" user account mean ? Is this the same thing as "limited" user account ?
From: David H. Lipman on 28 Feb 2010 11:30 From: "RB" <NoMail(a)NoSpam> | Does implementing logon password protection offer any protection against | an online virus or Trojan attack? | Or does it only prevent local physical (or Lan) users from unauthorized access ? | What does the term "common" user account mean ? | Is this the same thing as "limited" user account ? Account authentication has NOTHING to do with malware infections. What it helps to protect against is... 1. The insider threat 2. Personnel from accessing another person's account and data 3. Data protection in general Common User or Limited User accounts have nothing to do with passwords either. It has to do with the level of authorization given to a LAN user to access resources or the ability to perform tasks. A "Limited User" is just that, the person is limited in what they are authorized to do such as installing software or making modifications to trhe system. As for passords, they should be REQUIRED and be "strong". Strong as in meaing a level of complexity such that it is difficult to guess or break. For example; 8 digits minimum, using; 2 uppercase, 2 lowercase and 2 numbers and at least one special character. Having LAN accounts with "Limited User" capabilities reduces the threat of malware infection but does not eliminate that threat. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
From: RB on 28 Feb 2010 12:54 Thank you for the reply. I realize the logon ramifications of physical users but if you would be so kind please give me your input on the following: 1. If you disable File and Print sharing does this make your LAN more secure from an online infection jumping from one node to the other ? 2. I really need some folders shared, is there any way to password protect the access to these folders on the LAN? (does this only again protect from physcial logon users)
From: David H. Lipman on 28 Feb 2010 13:39 From: "RB" <NoMail(a)NoSpam> | Thank you for the reply. | I realize the logon ramifications of physical users but if you would be so kind | please give me your input on the following: | 1. If you disable File and Print sharing does this make your LAN more | secure from an online infection jumping from one node to the other ? Yes but it also makes administration of the LAN nodes more difficult. It is better to keep F&P Sharing enabled and the PC locked down. For example, all accounts *MUST* have strong passwords to mitigate worms and bots that spread on a LAN via password dictionary attacks. | 2. I really need some folders shared, is there any way to password protect | the access to these folders on the LAN? | (does this only again protect from physcial logon users) Is this a Workgroup or Domain account ? In a Domain account you have File Server Shares and access priveledges as well as NTFS priveledges which will limit who gets access to what. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
From: RB on 28 Feb 2010 14:42 > Is this a Workgroup or Domain account ? Well I'm still learning terminology but what I have is a Linksys router (Wireless running TKIP security with a long alpha numeric key) . My cable modem connects to the linksys (so I assume I have NAT ) and my one Desktop hardwire connects to the linksys and all of our laptops connect to the linksys (wireless). I have the broadcast off. I have all the computers configured to the same workgroup ( if that is what your are asking ) > In a Domain account you have File Server Shares and access priveledges as well as NTFS > priveledges which will limit who gets access to what. Ugh well ok, I thinkg I have a workgroup but I would not know if I had a domain account or not ? (dummy). And if I did I would not know how to set the NTFS priveledges ? So if I put all my user accounts on a password it will keep me from logging onto a node from another node unless I give it the user acct password ?
|
Next
|
Last
Pages: 1 2 Prev: CISVC.EXE hogs CPU; is it the same as Windows Search? Next: Sys x: format x:/u/s |