Network Security Restrictions.
Network Security Restrictions.
Options affect the whole PC.
- Disable File and Printer Sharing - When file and printer sharing is installed it allows users to make services available to other users on a network, this functionality can be disabled by changing this setting.
- Securing Network Access to CD-ROM Drives - This setting determines whether data in the CD-ROM drive is accessible to other users. This value entry satisfies, in part, the C2 security requirement that you must be able to secure removable media. Because the CD-ROM drive is a volume, by default, it is shared as an administrative share on the network. If the option is on, the CD-ROM drive is allocated to the user as part of the interactive logon process and, therefore, only the current user can access it. This prevents administrators and remote users (and even the same user at a different workstation) from accessing the drive while the current user is logged on to the computer. The drive is shared again when the current user logs off the computer.
- Securing Network Access to Floppy Drives - This setting determines whether data in the floppy disk drive is accessible to other users. This value entry satisfies, in part, the C2 security requirement that you must be able to secure removable media. Because the floppy disk drive is a volume, by default it is shared as an administrative share on the network. If the option is on, the floppy disk drive is allocated to the user as part of the interactive logon process and, therefore, only the current user can access it. This prevents administrators and remote users (and even the same user at a different workstation) from accessing the drive while the current user is logged on. The drive is shared again when the current user logs off.
- Securing Network Access to DASDs - This setting determines whether data in the direct access storage device (DASD) is accessible to other users. This value entry satisfies, in part, the C2 security requirement that you must be able to secure removable media. Because the DASD is a volume, by default it is shared as an administrative share on the network. If the option is on, the DASD is allocated to the user as part of the interactive logon process and, therefore, only the current user can access it. This prevents administrators and remote users (and even the same user at a different workstation) from accessing the DASD while the current user is logged on. The DASD is shared again when the current user logs off.
- Hiding Servers from the Browser List - If you have a secure server or workstation you wish to hide from the general browser list, add this registry setting.
- Disabled Password Caching - Normally Windows caches a copy of the users password on the local system to allow for additional automation, this leads to a possible security threat on some systems. Disabling caching means the users passwords are not cached locally. This setting also removes the second Windows password screen and also remove the possibility of networks passwords to get out of sync.
- Disable Caching of Domain Password - Enabling this setting disables the caching of the domain passwords, and therefore passwords are required to be re-entered to access any additional domain resources.
- Require Alphanumeric Windows Password - Windows by default will accept anything as a password, including nothing. This setting controls whether Windows will require a alphanumeric password, i.e. a password made from a combination of alpha (A, B, C...) and numeric (1, 2 ,3 ...) characters.
- Hide Share Passwords with Asterisks - This setting controls whether the password typed when accessing a file share is shown in clear text or as asterisks.
- Disable Automatic Hidden Shares - When networking has been installed on a Windows NT machine, it will automatically create hidden shares to the local disk drives. The shares are normally accessed via \server\c$ and \server\d$ depending on the drive letter. It is possible to disable the sharing at run-time, but this tweak will stop the automatic sharing altogether.
- Disable the Ability to Remotely Shutdown the Computer Browser Service - It is possible for a malicious user to shut down a computer browser, or all computer browsers, on the same subnet. If all of the computers on the same subnet are shut down, they can then declare their own computer the new master browser.
- Restricting Information Available to Anonymous Logon Users - Windows NT has a feature where anonymous logon users can list domain user names and enumerate share names. Customers who want enhanced security have requested the ability to optionally restrict this functionality.
- Don't Display Last User Name - Enabling this key will blank the username box on the logon screen. Preventing people that are logging on from knowing the last user on the system.
- Disable Web Printing - This restriction enables and disables server support for Internet printing. Internet printing lets you display printers on Web pages so they can be viewed, managed, and used across the Internet or an intranet.
[Index] [Home]
Download] [Buy]
Protect PC, restrict access, lock desktop with a password, and more ...
