EnAblE sECuRE loGon Make sure anyone trying to log on to your system has to press Ctrl-AltDel first.
software firewall is turned on, and block incoming ICMP traffic. This will prevent a network intruder from scanning for your PC using a ping sweep. Once you are hidden on the network, you can spend some time trying to figure out who, if anyone, is connecting to your PC and to whom your PC is connecting. To accomplish this, you’ll use the command-line tool Netstat and the Task Manager. Get to the command prompt and type netstat –ao
A bunch of info will flash by on your screen listing the type of connection, the IP addresses of remote hosts, the protocols, and the process identifier, or PID. If there’s something here you don’t recognize, write down the PID. Now, open the Task Manager and add the PID column by opening the View menu and clicking on Select Columns. Check the box next to PID. Now match the
PID from Netstat and the PID from Task Manager to learn which applications are holding which ports open. A well-secured machine should have ports open only for authorized apps.
5
One last idea: Enabling secure logon in Windows XP and Vista will protect your system from malware that attempts to impersonate a log-on screen to steal system passwords. This forces anyone trying to log on to press Ctrl-Alt-Del first. In Windows Vista, open the Run command, type netplwiz, and click Continue when prompted by User Account Control. In the Advanced User Account window, click the Advanced tab, then select the box that says Require users to press Ctrl-Alt-Delete. In Windows XP, go to the Control Panel’s User Accounts applet. In the Advanced User Account window, click the Advanced tab, then select the box that says Require users to press Ctrl-Alt-Delete. n JULY 2009 PC MAGAZinE DiGitAl EDition 81