Protecting a computer in a local network is a complex task that requires a number of operations aimed at both limiting access to the Internet and ensuring the security of such access.
Instructions
Step 1
Make sure that all computers in the network have the latest updates and anti-virus applications with available databases installed.
Step 2
Check, or change, the file system of computers (NTFS is much more reliable) and disable any unused services. This action will allow you to close unnecessary ports.
Step 3
Call the main menu of the Microsoft Windows operating system by clicking the "Start" button and go to the "Control Panel" item to perform the operation of changing the access settings for user accounts.
Step 4
Expand the "Administration" link and select "Computer Management".
Step 5
Go to the "Users" tab of the dialog box that opens and block the "Guest" user.
Step 6
Delete the Support_xxxxxxxx account, which is intended for technical assistance and is a potential threat to the security of a computer on the local network.
Step 7
Return to the main Start menu and go to Run to change your security settings using the Group Policy Editor tool.
Step 8
Enter the value gpedit.msc in the "Open" field and confirm the execution of the editor launch command by clicking OK.
Step 9
Expand the Local Security Policy node and go to Security Options.
Step 10
Select Local Policies and expand the User Rights Assignment node.
Step 11
Change the values of the following parameters as required: - Access this computer from the network; - Deny access to this computer from the network; - Deny logon through Terminal Services; - Allow logon through Terminal Services; - Deny logon locally; - Log on locally.
Step 12
Return to the "Run" dialog and enter the value regedit in the "Open" field to perform the operation of denying access to local drives after restarting the computer.
Step 13
Confirm the execution of the command to launch the Registry Editor tool by clicking OK and open the HKEY_LOCAL_MACHINESystemCurrentControlSetServicesLanmanServer registry branch.
Step 14
Change the AutoShareServer parameter as needed, or use the built-in Poledit.exe utility.
Step 15
Always use password protection for network access and log on to the Internet with a limited account (if possible).
