The Explorer: Four Myths of Online Security - InformationWeek
Software // Enterprise Applications
11:40 AM
Fred Langa
Fred Langa
Adopting Cloud the Right Way
Jun 14, 2017
Adopting a cloud mindset isn't about IT relinquishing all control and just approving invoices. It' ...Read More>>

The Explorer: Four Myths of Online Security

Make sure your PC is really secure from 'Net-based hacker attacks -- without spending a dime.

A One-Minute Primer In Networking Basics
If geekspeak makes your eyes glaze over, you may wish to skip to the next section. But reading this will only take a minute, and will help you understand the "why" of the information in the next section:

In simplified form, you can envision that your working connections have three levels or "layers." The deepest layer is the one that physically connects you to a network you're trying to reach -- and it involves hardware. For dial-up, it's the "Dial-Up Adapter" that lets your PC's networking plumbing talk to your modem. On a LAN, it's the "Network Adapter" software that lets your PC talk to your network card. DSL, cable, and similar systems also usually use a network card. A PC can have one or more hardware adapters simultaneously running, side by side: For example, I have a PC connected to a cable modem; it's also on my office LAN, and is connected to a dial-up modem. That system has two network adapters and a dial-up adapter in its networking setup.

The middle networking layer is made up of the communication protocols or "languages" that your system uses to talk to other networks. The Internet's lingua franca is "TCP/IP." Other commonly used protocols are NetBEUI and IPX/SPX. These protocols also can operate side-by-side: Any protocol can simultaneously be tied (or "bound") to one or more hardware adapters; likewise a hardware adapter may simultaneously be bound to multiple protocols.

The topmost layer is the networking services -- the logons, the "print and file sharing," the "client" software that sits on top of the rest of the plumbing and lets you do the things you want to do on the network. Unfortunately, they're a two-way street, so they may also let hackers do what they want to do!

So, the trick to making your PC secure is to ensure that any dangerous settings or services (such as "print and file sharing") are never needlessly connected to a protocol or adapter that's accessible from the Internet at large, where hackers might exploit them. In other words, by carefully selecting what gets "bound" to what, you can ensure that inherently unsafe services and protocols are simply not accessible to or from your Internet connection.

How to Make Windows Safer on the Internet
The information I'll present here isn't dangerous, but it's always a good idea to make a backup of critical data on your system before you start making any system changes; and to write down what your settings were so you can restore things if you need to. If you're on a LAN or if you have special networking needs (such as the need to connect remotely to a corporate LAN or VPN from a home office) talk to your network administrator before implementing any changes.

Let's start by examining your networking setup: Right-click Network Neighborhood and select Properties. (Or click the Network icon in Control Panel, which is the same thing.)

What we'll now do is remove the parts of your networking setup that make it easy for someone to connect to your PC via the Internet's protocol: TCP/IP:

If you don't have a dial-up connection, skip to the next paragraph. Otherwise, double click Dial-Up Adapter, then Bindings. UNcheck anything in the bindings box except TCP/IP; then click OK. Next, in the main network dialog, double-click the item labeled "TCP/IP -> Dial-Up Adapter." (You may have to scroll down in the window to see it. Also, if a Dial Up Adapter is the only adapter in your system, it may simply say "TCP/IP.") You may get a warning from Windows about the danger of changing these settings; ignore the warning -- the real danger is in not changing these settings. After you dismiss the warning dialog box, click on the Bindings tab. In the Bindings box, if "Client for Microsoft networks" and/or "File and printer sharing for Microsoft networks" are present and checked, UNcheck them, and click OK. If they were the only things TCP/IP was bound to, you'll get a warning that states: "TCP/IP is no longer bound to any drivers" and asks whether you want to select one. Answer "No." You do not want clients or sharing services bound to TCP/IP.

If you have a network card or cards in your system, for each card click on the TCP/IP label. For example, in my system, which uses an inexpensive Realtek brand network interface card (NIC), I'd click on "TCP/IP -> Realtek RT8029(as) PCI Ethernet NIC." Click the bindings tab, and be sure that "Client for Microsoft networks" and "File and printer sharing for Microsoft networks" are UNchecked.

2 of 3
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of Data and Analytics
Today's companies are differentiating themselves using data analytics, but the journey requires adjustments to people, processes, technology, and culture. 
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on for the week of November 6, 2016. We'll be talking with the editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll