
Chapter 24. Network Security > General Security Practices

General Security Practices

So now you've seen some of the threats; what general practices can you use to protect yourself? Whether you're using a standalone system or a LAN, consider following these recommendations:

  • Install a virus scanner, and update the virus definitions on a regular—daily, or at worst, weekly—basis.

  • Disable the Outlook or Outlook Express preview pane.

  • Use at least Medium security settings in Internet Explorer.

  • Never run email attachments from unknown sources.

  • Disable bridging in corporate environments to keep users from bridging secure networks to insecure networks.

  • Never run email attachments, even from known sources, if you weren't expecting to receive them.

  • Never share your password, not even with a system administrator or technician.

  • If you don't use SNMP to monitor your network, disable SNMP.

  • Never install IIS if you aren't hosting a Web server, FTP site, or other service that would require it.


    Installing IIS is one of the easiest ways to open up your system to a whole new slew of attacks. Do not use IIS unless absolutely necessary.

  • Don't install the optional “Simple TCP Services.” They are unnecessary and leave your system open for additional denial-of-service attacks.

  • In a corporate environment, don't allow people to use dial-up lines at their desks. They'll be able to connect to personal ISPs, overriding your enterprise security measures.

  • Enable Macro Virus Protection in all Microsoft Office applications.

  • Keep your system up-to-date with Automatic Updates, Windows Updates, Service Packs, and hotfixes for all applications. Pay particular attention to updates for the OS, Internet Explorer, Microsoft Outlook, and Microsoft Office.

  • Keep the Guest account disabled (or, as it's called on the User Accounts control panel screen, “turned off”).

  • Don't install unnecessary applications. For applications you do install, regularly check the vendor's Web site for required patches.

  • Sign up for security notification mailing lists to always be aware of new security risks and to take action in a timely manner.


    Some good sites at which you could sign up for security bulletins include these:

  • Use strong passwords on every account. Never use a blank password. Log out and lock your machine when you step away. Check Return to the Welcome Screen or Require Password when configuring your screen saver.

  • Enable the Internet Connection Firewall on all connections that access the Internet (see the section “Making a Secure Internet Connection” later in this chapter), unless the connection is through your office LAN, and the LAN has a firewall or NAT router between it and the Internet.
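Several items in the list above can be checked mechanically. The following read-only audit is an added example, not code from the book; it assumes Windows PowerShell 2.0 through 5.1 (where Get-WmiObject is available), and the function name Get-ChecklistFinding is hypothetical.

```powershell
# Added example: report checklist items that are not satisfied on this machine.
# Read-only: it queries WMI and the registry and changes nothing.

# Services the checklist says not to install unless needed,
# keyed by Windows service short name.
$unwanted = @{
    'SNMP'     = 'SNMP agent'
    'SimpTcp'  = 'Simple TCP Services'
    'W3SVC'    = 'IIS World Wide Web Publishing'
    'MSFTPSVC' = 'IIS FTP Publishing'
}

function Get-ChecklistFinding {
    # An installed service is a finding even when stopped: it can be started later.
    $filter = ($unwanted.Keys | ForEach-Object { "Name='$_'" }) -join ' OR '
    Get-WmiObject Win32_Service -Filter $filter | ForEach-Object {
        '{0} is installed (service {1}, start mode {2}, state {3})' -f `
            $unwanted[$_.Name], $_.Name, $_.StartMode, $_.State
    }

    # Match the built-in Guest account by its well-known RID 501,
    # so a renamed or localized account name does not hide it.
    Get-WmiObject Win32_UserAccount -Filter "LocalAccount=True AND SID LIKE '%-501'" |
        Where-Object { -not $_.Disabled } |
        ForEach-Object { 'Guest account "{0}" is enabled' -f $_.Name }

    # Screen saver settings of the current user; both values are strings, '1' = on.
    $desk = Get-ItemProperty 'HKCU:\Control Panel\Desktop'
    if ($desk.ScreenSaveActive -ne '1') {
        'Screen saver is not enabled'
    } elseif ($desk.ScreenSaverIsSecure -ne '1') {
        'Screen saver does not require a password on resume'
    }
}

$found = @(Get-ChecklistFinding)
if ($found.Count -eq 0) { 'No findings for the items checked.' } else { $found }
```

The screen saver check reads only the current user's own setting, so run it in that user's session; the service and account checks apply to the whole machine.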


