- Oct 11, 2002
Locking Down Windows
Because Windows is the most widely used operating system, it's also sadly the most often attacked. This means that some extra care in prepping your Windows systems for "Internet exposure" is not only warranted, but also entirely prudent. Exercising due diligence means that you must take steps to disable NetBIOS over TCP/IP on the Internet interface. That's because this opens doors for all kinds of nasty attacks and takeovers if it's not turned off. When you check the Properties window for your network connections (which you can do for each interface on a Windows machine) be sure to disable the Client for Microsoft Networks and the File and Printer Sharing for Microsoft Networks on the interface that connects to your cable modem or DSL box. In advanced properties for TCP/IP, also be sure to click the "Disable NetBIOS over TCP/IP" radio button.
If your version of Windows supports Protocol Bindings, be sure to unbind NetBIOS from the Internet interface as well (this applies mostly to older version of Windows, such as 9x or Windows NT). Although NetBIOS makes it convenient and easy to network locally, it can cause untold headaches if left open to the Internet. Make sure it's closed for that reason!