i/s Back Issues

Volume 11

No. 2  October 1995

Q: I've heard that Windows 95 makes file sharing over a network very easy. Are there any security concerns that I should be aware of?

A: Yes! Be very careful! Turning on file sharing not only opens up your 
computer to the people you want to share files with, but also 
potentially to the entire networked world, especially if you use the 
Microsoft stack and TCP/IP. Even if you use the NetBEUI protocol to 
share files only on your local subnet, another machine on that subnet 
may inadvertently provide a gateway to your machine.
         
If you do need to share files across the network, do so more safely by 
following these guidelines:
         
*       Share only the contents of one sub-directory. Don't open file 
sharing to anonymous or guest users, even if you intend to share only 
one subdirectory in this fashion.
         
*       Set password protection on the shared subdirectory. Don't use your 
MITnet (Kerberos) password as the Win 95 password, because it will 
travel across the network with little or no encryption.
         
*       Turn sharing on only when you are actively using it.
         
In addition to concerns raised by filesharing, a security flaw has been 
discovered that affects machines running TCP/IP and Win 95 or Windows 
for Work-groups. This flaw leaves these machines particularly vulnerable 
to network intruders. A fix has not yet been released.
         
         
Q: What's the difference between The Microsoft Network and Microsoft 
Networks?
         
A: The Microsoft Network is a commercial service, like Compuserve or 
America Online, that comes bundled with Win 95.  Microsoft Networks is 
the networking component built into Win 95 that includes support for the 
TCP/IP protocol.
         

i/s Home |  i/s Back Issues |  Volume 11 |  No. 2