Keeping Intruders Out of Your System : Turning Off File and Printer Sharing, the Messenger Service

If you access the Net using a broadband—cable modem or DSL—service, chances are you have an always-on connection, which means there’s a much greater chance that a malicious hacker could find your computer and have his way with it. You might think that with millions of people connected to the Internet at any given moment, there would be little chance of a “script kiddy” finding you in the herd. Unfortunately, one of the most common weapons in a black-hat hacker’s arsenal is a program that runs through millions of IP addresses automatically, looking for live connections. The problem is compounded by the fact that many cable systems and some DSL systems use IP addresses in a narrow range, thus making it easier to find always-on connections. However, having a cracker locate your system isn’t a big deal as long as he can’t get into your system. There are three ways to prevent this:

• Turn off file and printer sharing on your Internet connection

• Turn on the Windows Firewall

• Turn off the Messenger service

Turning Off File and Printer Sharing

File and printer sharing is used to enable network users to see and work with shared files and printers on your computer. Obviously, you don’t want to share your system with strangers on the Internet! By default, Windows XP turns off file and printer sharing for Internet connections. To make sure of this, however, follow these steps:

1.	Select Start, All Programs, Accessories, Communications, Network Connections. (Alternatively, open Control Panel and launch the Network Connections icon.)
2.	Right-click the icon for the connection that gets you on the Internet and then click Properties.
3.	Display the Networking tab. (For some types of connections, you might need to display the General tab instead.)
4.	Make sure that the File and Printer Sharing for Microsoft Networks check box is deactivated.

Turning On the Internet Connection Firewall

Although disabling file and printer sharing is a must, it’s not enough. That’s because when a hacker finds your address, he has many other avenues with which to access your computer. Specifically, your connection uses many different ports for sending and receiving data. For example, web data and commands typically use port 80, email uses ports 25 and 110, file transfer protocol (FTP) uses ports 20 and 21, domain name system (DNS) uses port 53, and so on. In all, there are dozens of these ports, and every one is an opening through which a clever cracker can gain access to your computer.

As if that weren’t enough, hackers also can check your system to see whether some kind of Trojan horse virus is installed.If the hacker finds one, he can effectively take control of your machine (turning it into a zombie computer) and either wreak havoc on its contents or use your computer to attack other systems.

Again, if you think your computer is too obscure or worthless for someone else to bother with, think again. A typical computer connected to the Internet all day long will be probed for vulnerable ports or installed Trojan horses at least a few times a day. If you want to see just how vulnerable your computer is, several good sites on the Web will test your security:

• Gibson Research (Shields Up)—grc.com/default.htm

• DSL Reports—www.dslreports.com/secureme_go

• HackerWhacker—www.hackerwhacker.com

The good news is that Windows XP includes a personal firewall tool called Windows Firewall that can lock down your ports and prevent unauthorized access to your machine. In effect, your computer becomes invisible to the Internet (although you can still surf the web and work with email normally). Follow these steps to start Windows Firewall:

1.	Launch Control Panel’s Network Connections icon.
2.	Right-click the icon for the connection that gets you on the Internet and then click Properties.
3.	Choose the Advanced tab.
4.	In the Windows Firewall group, click Settings. The Windows Firewall dialog box appears.
5.	Activate the On option.
6.	Click OK.

Turning Off the Messenger Service

As a final barrier against unwelcome intrusions, you should also turn off the Windows XP Messenger Service. This service (which is not to be confused with the Windows Messenger instant messaging program) is used by network administrators to broadcast messages to users. However, some advertisers have figured out how to use this service to have ads pop up on your computer. You can block these ads by turning off the service. To do this, follow these steps:

1.	Select Start, Control Panel, Performance and Maintenance, Administrative Tools, Services. Windows XP displays the Services window.
2.	Double-click the Messenger service.
3.	Click Stop to shut down the service.
4.	To prevent the service from starting in future Windows XP sessions, use the Startup type list to choose Manual.
5.	Click OK.