(menu created with Tigra Menu Gold)

Securing Your Local Area Network (LAN)

NOTE: This document pertains to Windows XP Professional only!

Basic Concepts:
If you are using the default settings in Windows XP Professional, it is very likely anyone who can access your LAN can read any of the files in those folders that are marked as shared. This would include the folder labeled "Shared Documents" which is located in your "My Documents".

So how do you go about keeping prying eyes out of your folders and files? Very simply: Lock them out!

Here's how you accomplish that:
  1. Open Windows Explorer. Click on Tools, Folder Options, View. Scroll down until you see "Use simple file sharing (Recommended)". Ensure it is not checked.
  2. Exit Windows Explorer
  3. Re-open Windows Explorer. Review all folders to find any that are currently being shared. For each one being shared, you should see a small hand under the folder symbol or it may appear as shading on the bottom of the folder..
  4. If you find any that are being shared and you don't want them to be shared, right click on the fold; select "Sharing and Security"; a new dialog box will open that looks similar to the following:

    Shared Folder Properties Dialog Box

  5. In the above case, the folder is not being shared. To share the folder, click on the button in front of the words "Share This Folder"
  6. The next step, and this is the important step that will keep eyes out of your folders and files, is to grant or deny permissions. To do this, click on the Permissions button. A new dialog box will open:

    Permissions Dialog Box

  7. In the above folder, you will notice that Everyone had Read permissions. That means anyone who can access your network can view any of the files in not only this folder, but any sub-folders as well.

    If you are satisfied with that, you are done! If not, keep on reading ---

  8. To further restrict who can view the contents of your folders and files, do the following:

    1. Click on the Remove button; this will delete all permissions for this folder and all sub-folders
    2. Click on the Add button; a new dialog box will open:

      Select Users or Groups Dialog Box

    3. The cursor will be automatically placed in the "Enter the object names to select" text box. Enter the following:

      Authenticated Users

      Your dialog box should look as follows:

      Select Users or Groups Dialog Box

    4. Click on the "Check Names" button. If you have entered a valid user name or group, your entry will become underlined:

      Select Users or Groups Dialog Box

      If it is not underlined, check the spelling and any applicable spacing between the words. Retype it and again click on the "Check Names" button.

    5. To finish the process, click on OK and you will be returned to the Permissions dial box which should now show the user(s) or group(s) you just entered as follows:

      Permissions Dialog Box

    6. At this point, you have restricted anyone except authenticated users from viewing folders and files on your LAN. You need to do this for every folder and/or file you are sharing on your LAN!
    7. The only other thing you may want to do is check any of the boxes in the Allow column in the lower section of the dialog box.

gray bar

Questions?

This page last updated: January 11, 2009