A special care must be taken to protect the gateway host itself. Current Comsocks version doesn't provide such a protection. Please follow some general practices to maximize your Windows security:
  1. Always DISABLE file and printer sharing. Please see the FAQ q5.
  2. Always select strong admin and user passwords for Windows NT/2000. Change them regularly.
  3. Set a "RestrictAnonymous" REG_DWORD value to 1 in "HKLM\CurrentControlSet\Control\lsa" registry tree in Windows NT 4 to disallow anonymous access.
  4. Do NOT run any unnecessary server software (eg. IIS) other than Comsocks.
  5. Only install and run minimal applications and services in the gateway host. Disable unnecessary services.
  6. In Windows NT, enable TCP/IP security and filtering under Microsoft TCP/IP Properties (Control Panel->Network->Protocol->TCP/IP->Advanced->Enable Security). Only allow those ports and protocols necessary to the function of the gateway. You can block TCP/UDP ports 135-139 for NETBIOS access(file sharing).
  7. In Windows NT, disable Guest account.
  8. In Windows NT, remove Everyone from the Access This Computer From The Network User Right under "Policies->User Rights" in User Manager.
  9. Apply the most recent Service Packs and security fixes.
  10. Enable Auditing in Windows NT.
  11. Install third-party firewall software to protect the gateway (e.g. BLACKICE, Nortan Internet Securty, etc...).
  12. Install third-party anti-virus software.
  13. Restrict physical access to the host. Leave the server alone.
  14. Do NOT use the gateway host as your regular workstation.

Close Window