How secure is Win2k Pro if your not running a firewall
- Thread starter PC Freak
- Start date
I have a Windows 2000 Pro machine connected to the Internet 24/7 via a cable modem. It's been running since October 2000 without any security problems so far.
Windows 2000 Pro is one of the most secure operating systems available right now. There are far less security exploits found on Win2K than most other operating systems, especially Linux. Linux can be very secure when configured and maintained by a good Unix administrator, but it's usually full of holes out-of-the-box.
If you are running Windows 2000 Pro on the Internet, there are a few things you'll want to do to make it secure. Double click on Network and Dial-Up Connections in Control Panel. Go to the Advanced menu and down to Advanced Setting. Make sure that Internet Protocol(TCP/IP) is UNchecked under both Files and Print Sharing and Client for Microsoft Networks. The next thing you'll want to do is right click Local Area Connection inside Network and Dial-Up Connections and select Properties from the menu. Highlight Internet Protocol(TCP/IP) and then click the Properties button. Click the Advanced button. Select the WINS tab. Make sure that Disable NetBIOS over TCP/IP is choosen and then click OK.
Windows 2000 Pro is one of the most secure operating systems available right now. There are far less security exploits found on Win2K than most other operating systems, especially Linux. Linux can be very secure when configured and maintained by a good Unix administrator, but it's usually full of holes out-of-the-box.
If you are running Windows 2000 Pro on the Internet, there are a few things you'll want to do to make it secure. Double click on Network and Dial-Up Connections in Control Panel. Go to the Advanced menu and down to Advanced Setting. Make sure that Internet Protocol(TCP/IP) is UNchecked under both Files and Print Sharing and Client for Microsoft Networks. The next thing you'll want to do is right click Local Area Connection inside Network and Dial-Up Connections and select Properties from the menu. Highlight Internet Protocol(TCP/IP) and then click the Properties button. Click the Advanced button. Select the WINS tab. Make sure that Disable NetBIOS over TCP/IP is choosen and then click OK.
better yet, test it out for yourself - www.grc.com. go into the site and click on 'shields up!' to begin testing.
somethings to mention besides what owensdj said.
if you're not connected to any LAN (basically home use with a dialup/dsl modem to connect to the internet, i'm not sure about this if you're on cable), you'd want to turn off NetBIOS to cover another huge hole. go to start->settings->control panel->administrative tools->services.
set the 'TCP/IP NetBIOS Helper Service' to manual and restart your computer.
BTW, with my DSL modem (and RASPPPOE used instead of verizon's crappy WinPOET implimentation), i can even turn off the DNS Client, DHCP Client too (well, set it to manual...but it's never activated by win2000 when i check) to free up some more RAM w/o any problems.
somethings to mention besides what owensdj said.
if you're not connected to any LAN (basically home use with a dialup/dsl modem to connect to the internet, i'm not sure about this if you're on cable), you'd want to turn off NetBIOS to cover another huge hole. go to start->settings->control panel->administrative tools->services.
set the 'TCP/IP NetBIOS Helper Service' to manual and restart your computer.
BTW, with my DSL modem (and RASPPPOE used instead of verizon's crappy WinPOET implimentation), i can even turn off the DNS Client, DHCP Client too (well, set it to manual...but it's never activated by win2000 when i check) to free up some more RAM w/o any problems.
win2k secure??
dunno about that bud. i just read an article about how win2k servers are the most hacked servers out of all other servers running different operatings systems.
it was from some damn hacker site w/ statistics. hm....i'm sure someone else read it...link anyone?
dunno about that bud. i just read an article about how win2k servers are the most hacked servers out of all other servers running different operatings systems.
it was from some damn hacker site w/ statistics. hm....i'm sure someone else read it...link anyone?
pc freak...do yourself a favor and get yourself a firewall
hell, use zonealarm- it's free, it's great, it's easy, it's damn secure!
ZoneAlarm Free Personal Firewall
that cable modem of yours should d/l it in less than 15 seconds.
hell, use zonealarm- it's free, it's great, it's easy, it's damn secure!
ZoneAlarm Free Personal Firewall
that cable modem of yours should d/l it in less than 15 seconds.
I'm running a misconfigured linux firewall right now
but that's beside the point.
in win2k if i uncheck tcp/ip from under filesharing, file sharing
is disabled also. is there another protocol i need to install to
get file sharing working within my local network?
also, if someone doesn't mind helping me with my linux firewall configuration
i think i have a misedited rc.firewall file. i just want to forward traffic on
port 21 to my comp, and allow web functionality, napster functionality on other
computers in the network.
but that's beside the point.
in win2k if i uncheck tcp/ip from under filesharing, file sharing
is disabled also. is there another protocol i need to install to
get file sharing working within my local network?
also, if someone doesn't mind helping me with my linux firewall configuration
i think i have a misedited rc.firewall file. i just want to forward traffic on
port 21 to my comp, and allow web functionality, napster functionality on other
computers in the network.
if i were to guess
i would say my linux box is directing all traffic
to my machine. telnet/ftp/etc.. not just ftp if
that helps. i can't even telnet into it, so i have to
go dig up a old monitor.
icq: #13359037
aim: dr steelface
i would say my linux box is directing all traffic
to my machine. telnet/ftp/etc.. not just ftp if
that helps. i can't even telnet into it, so i have to
go dig up a old monitor.
icq: #13359037
aim: dr steelface
hmmmmm
I have Zonealarm on both Win98 machine and Win2k
I just ran some tests on both and Zonealarm only improves security on Win98!!! There is no difference between having it swithed on or off in Win2k!
My 2ps worth!
I have Zonealarm on both Win98 machine and Win2k
I just ran some tests on both and Zonealarm only improves security on Win98!!! There is no difference between having it swithed on or off in Win2k!
My 2ps worth!
I have Win2K on one machine, and 98 on another. They are both connected to the cable modem via a hub and I share files and the printer from one machine to the other.
What should I do to protect myself? I assume if I follow owensdj advice I won't be able to share anything with my other machine, so I can't do that.
Should I use a firewall on my machine? If so, which ones do you recomend? I would like to be able to access my machine from work (not required, but very much wanted.) The file sharing locally is required.
Thanks
Moohoo
What should I do to protect myself? I assume if I follow owensdj advice I won't be able to share anything with my other machine, so I can't do that.
Should I use a firewall on my machine? If so, which ones do you recomend? I would like to be able to access my machine from work (not required, but very much wanted.) The file sharing locally is required.
Thanks
Moohoo
<<I just ran some tests on both and Zonealarm only improves security on Win98!!! There is no difference between having it swithed on or off in Win2k!>>
I think not. w2k does not stealth ports and does not filter ingoing and outgoing traffic for you. How can you say there is no differcne with using it and not using it.
I think not. w2k does not stealth ports and does not filter ingoing and outgoing traffic for you. How can you say there is no differcne with using it and not using it.
I have 2 machines setup similar to Moohooya only using 2 Nics. One nic connects Win2k to the internet with ICS enabled.
This causes win2k to enable a DHCP server for the other nic (lan).
That allows me to plug the 2nd nic into a hub and allocate IP's to anything else I connect to the hub.
By doing this I can turn off file and print sharing on the (wan} cable nic and enable it on the (lan) 2nd nic.
Shields up shows my ports as closed however instead of being stealthed.
So far it has been fairly secure. /fingers crossed mode.
I even connected my Linux machines using this setup without any problems.(except setting up Samba)
Best of luck to you.
This causes win2k to enable a DHCP server for the other nic (lan).
That allows me to plug the 2nd nic into a hub and allocate IP's to anything else I connect to the hub.
By doing this I can turn off file and print sharing on the (wan} cable nic and enable it on the (lan) 2nd nic.
Shields up shows my ports as closed however instead of being stealthed.
So far it has been fairly secure. /fingers crossed mode.
I even connected my Linux machines using this setup without any problems.(except setting up Samba)
Best of luck to you.
As most users have said your better off with a firewall , and you dont really get muich better than ZoneAlarm and especially cause it's free adnd extremely easy to use 
Even on my dialup i use it continuosly
Even on my dialup i use it continuosly
TRENDING THREADS
-
Discussion Zen 5 Speculation (EPYC Turin and Strix Point/Granite Ridge - Ryzen 9000)- Started by DisEnchantment
- Replies: 25K
-
Discussion Intel Meteor, Arrow, Lunar & Panther Lakes + WCL Discussion Threads
- Started by Tigerick
- Replies: 23K
-
Discussion Intel current and future Lakes & Rapids thread- Started by TheF34RChannel
- Replies: 23K
-
-
Facebook
Twitter