LISTSERV - PCBUILD Archives - LISTSERV.ICORS.ORG

PCBUILD Archives

Personal Computer Hardware discussion List

PCBUILD@LISTSERV.ICORS.ORG

	LISTSERV Archives
	PCBUILD Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Network Standards
From:	David Gillett <[log in to unmask]>
Reply To:	PCBUILD - Personal Computer Hardware discussion List <[log in to unmask]>
Date:	Mon, 7 Feb 2005 19:02:15 -0800
Content-Type:	text/plain
Parts/Attachments:	text/plain (43 lines)

  Every user should have their own ID and password.  For 2-3 machines, they
just need to remember to change it on all machines whenever they change it --
 which probably won't be as often as it should be.  For more machines, you
want at least one server as a domain controller (two is better) and so all
password changes apply to the entire domain automatically.
  Enable auditing.  Audit all failure events, and successful logins and
policy changes.  Increase the size of the system, application, and security
logs to about 32K each.  With a network this size, you won't have the
resources to monitor the logs, but they might help you figure out what
happened after something goes wrong.
  Configure the router/gateway/firewall to enable only the traffic you need
to.  Ideally, this would be a short list of client port numbers outbound and
possibly server port numbers inbound, but equipment limitations may force
other choices.  Do not allow NetBIOS/SMB/CIFS ports (135, 137, 139 and 445)
to cross the perimeter.

  I'm sure there's more, but those are some good starting points.

David Gillett

On 6 Feb 2005 at 6:48, Hugh Vandervoort wrote:

> Thanks to this list I now know enough about networks to be dangerous. :)
> I've recently gotten a couple of jobs setting up networks in small offices,
> and, while I have no trouble making things work, I wonder what the standard
> practices are for security and sharing files. I've never had occasion to
> work in such an environment.
> The usual situation is 2 or 3 computers sharing a broadband connection and
> virtually total ignorance on the part of the clients. OS is XP or 2000.
> I've been designating a single shared folder, which simplifies things and
> seems to work. I also install AV and Spyware protection.
>
> What else should I be looking at to do a thorough job?
>
>            The NOSPIN Group is now accepting donations to help
>           defer the costs of providing PCBUILD and our website.
>            Visit http://freepctech.com to donate using PAYPAL

                  Visit our website regularly for FAQs,
               articles, how-to's, tech tips and much more
                          http://freepctech.com

ATOM RSS1 RSS2

LISTSERV.ICORS.ORG