Block unauthorized access to your computer to increase security
Users should be aware that their computer is somewhat similar to a property. If you leave doors open and there is no surveillance system and protection, it will take just some time until someone breaks in.
The same issue applies to your computer as well. One of the most basic things to do in order to increase security and protect your computer, is to block unauthorized access to it. First of all, make sure that you control physical access to the computer. This is somewhat easy to understand, and most users may properly take care of this issue. However, when it comes to securing your computer from the network/internet and blocking unauthorised access from other computers, things are by far much more complicated and there's a lot of things you need to know and do.
Let's go through the issues at hand and see what can be done to secure your computer and block unauthorised access from the internet and/or local network. First of all, connections to your computer are made trhough individual 'plugs' named ports. The most common internet and network protocols are using TCP and UDP ports to communicate with your computer. If someone gains access to your computer, one of this ports will be the way in. Simply said, ports are 'doors' to your computer. And therefore you need to take care about them.
One of the first things you can do in order to block unauthorized access to it, is to block unneeded ports on your computer, and disable applications that are not really needed and that can be risky for your computer. It is higly recommended to install a software firewall on your computer, or at least a port blocking utility. Using the firewall you can control ports that are allowed to communicate, computers that are allowed or denied access to your computer, and even applications running on the local machine, that are allowed to communicate or not with other computers or the internet. The software firewall also allows monitoring and you can set new rules on the fly, when new connection attempts are recorded, and also allows keeping an eye on possible attacks and taking protection measures as needed - denying acces to the machine for those that are not supposed to be there.
Also, you should disable unneeded services on your computer. There are several articles available on the internet showing information about Windows services that may not be needed and in most cases you can disable them. By disabling these services you reduce the number of ports available for incoming attacks, and also speed up your computer by reducing CPU and memory load. Furthermore, it is equally important that you keep your computer updated, for example by running Automatic Updates and periodically visiting the Windows Update website. There are thousands of new software vulnerabilities discovered each year, and you don't want to be yet another victim of such vulnerabilities.
You should be aware that in most cases attacks from the local network are hard to spot. For example, an employee trying to hack into his boss's computer, may find easy to do so and it will be difficult to find out about the intrusion. Therefore, any computer should use at least a firewall and turn on logging to show connection attempts from other computers within the network. There is always the risk of intrusion from within the company, although most companies worry more about external attacks and do the mistake of taking easy the risks coming from their own personnel.
Finally, blocking attacks from the internet can be properly done through using an additional firewall. There are a lot of firewall appliances available that can be used for this purpose. What happens is that the user in such situation will purchase a firewall/router/gateway appliance, and hook it directly to the internet. Such a device usually has a WAN port and one or more LAN ports. The WAN port will be connected to the internet, and the LAN ports to computers or switches pertaining to the local network. The device will act as the middle man in between the internet and computers running on the local network; it will block unauthorised access, it will block denial of service attacks, and it will also log attack attempts for you. If you do not want to purchase an additional device for this purpose, an old computer available around can do the job with great success. All you need is a Pentium class computer with two network cards, and to use a dedicated firewall operating system. The Monowall OS can be such an example, and it runs great. Of course, in all these cases, you need to have proper training and understanding of networks in order to be able to do it yourself. If you do not have this knowledge, convince a friend to help you or hire a professional to do the task for you.
The same issue applies to your computer as well. One of the most basic things to do in order to increase security and protect your computer, is to block unauthorized access to it. First of all, make sure that you control physical access to the computer. This is somewhat easy to understand, and most users may properly take care of this issue. However, when it comes to securing your computer from the network/internet and blocking unauthorised access from other computers, things are by far much more complicated and there's a lot of things you need to know and do.
Let's go through the issues at hand and see what can be done to secure your computer and block unauthorised access from the internet and/or local network. First of all, connections to your computer are made trhough individual 'plugs' named ports. The most common internet and network protocols are using TCP and UDP ports to communicate with your computer. If someone gains access to your computer, one of this ports will be the way in. Simply said, ports are 'doors' to your computer. And therefore you need to take care about them.
One of the first things you can do in order to block unauthorized access to it, is to block unneeded ports on your computer, and disable applications that are not really needed and that can be risky for your computer. It is higly recommended to install a software firewall on your computer, or at least a port blocking utility. Using the firewall you can control ports that are allowed to communicate, computers that are allowed or denied access to your computer, and even applications running on the local machine, that are allowed to communicate or not with other computers or the internet. The software firewall also allows monitoring and you can set new rules on the fly, when new connection attempts are recorded, and also allows keeping an eye on possible attacks and taking protection measures as needed - denying acces to the machine for those that are not supposed to be there.
Also, you should disable unneeded services on your computer. There are several articles available on the internet showing information about Windows services that may not be needed and in most cases you can disable them. By disabling these services you reduce the number of ports available for incoming attacks, and also speed up your computer by reducing CPU and memory load. Furthermore, it is equally important that you keep your computer updated, for example by running Automatic Updates and periodically visiting the Windows Update website. There are thousands of new software vulnerabilities discovered each year, and you don't want to be yet another victim of such vulnerabilities.
You should be aware that in most cases attacks from the local network are hard to spot. For example, an employee trying to hack into his boss's computer, may find easy to do so and it will be difficult to find out about the intrusion. Therefore, any computer should use at least a firewall and turn on logging to show connection attempts from other computers within the network. There is always the risk of intrusion from within the company, although most companies worry more about external attacks and do the mistake of taking easy the risks coming from their own personnel.
Finally, blocking attacks from the internet can be properly done through using an additional firewall. There are a lot of firewall appliances available that can be used for this purpose. What happens is that the user in such situation will purchase a firewall/router/gateway appliance, and hook it directly to the internet. Such a device usually has a WAN port and one or more LAN ports. The WAN port will be connected to the internet, and the LAN ports to computers or switches pertaining to the local network. The device will act as the middle man in between the internet and computers running on the local network; it will block unauthorised access, it will block denial of service attacks, and it will also log attack attempts for you. If you do not want to purchase an additional device for this purpose, an old computer available around can do the job with great success. All you need is a Pentium class computer with two network cards, and to use a dedicated firewall operating system. The Monowall OS can be such an example, and it runs great. Of course, in all these cases, you need to have proper training and understanding of networks in order to be able to do it yourself. If you do not have this knowledge, convince a friend to help you or hire a professional to do the task for you.
This information is provided without any warranties of any kind. Use it at your own risk. Terms and conditions