4 Tips to Strengthen Your Windows Network

You’ve probably heard of how hackers easily infiltrate Windows networks of unsuspecting people. If you stick your head out of the water frequently and interact with other people on the Internet, you might also run the risk of being attacked at some point in time or another. By following a couple of tips, you can hold your own against those who want to harm you.

1. Disable NetBIOS

I’m not kidding. Do it right now, if you haven’t done it already. I can’t stress how important it is to have NetBIOS disabled on a computer. With the feature enabled, you basically expose your entire network topography and shared files. Anyone and their dog can just hop into your network, access a specific directory tied to your IP, and see your most intimate documents. To disable NetBIOS on your computer, you need to access your network adapter’s settings:

1. Click your “Start” menu, then “Control Panel”.

2. Click “Network and Internet.”

Windows Network and Internet settings

3. Click “Network and Sharing Center”.

Windows network ands sharing center

4. Click “Change adapter settings”. This takes you to all the network adapters on your computer.

5. Right-click a network adapter you would like to disable NetBIOS on, and click “Properties”.

6. Select “Internet Protocol Version 4” from the list in the new window and click the “Properties” button below the list. See the image below if you’re lost.

Windows change adaptor setting

7. Click “Advanced” in the new configuration window then click on the “WINS” tab near the top.

8. Click “Disable NetBIOS over TCP/IP” then “OK.”

Advanced TCP

This, of course, addresses only part of the problem. Windows has other security holes which can be exploited, but you already took care of a big one.

2. Limit Home Network Sharing and Discovery

While disabling NetBIOS prevents your computer from being an open book, you’re still leaving your computer out in the open with network discovery and file & printer sharing. Both of these features, while useful in a home network, can totally compromise the security of the computer. To better tighten your network, you must access the Network and Sharing Center once again:

1. Go to the Network and Sharing Center like you did in the last section. Look under “View your active networks” and note which type of network you use to connect to the internet. It will say something like “Home”, “Work” or “Public”. You’ll see a link called “Change advanced settings” right under the “Change adapter settings” link. Click on it and expand your active network type.

Windows sharing options

2. Ensure that the following options are selected:

  • Turn off network discovery
  • Turn off file and printer sharing, and
  • Turn off Public folder sharing

Once you’ve selected these options, hit the “Save changes” button at the bottom of the window. I still got more work for you to do, though…

3. Windows Update

If you didn’t purposely disable Windows Update, you don’t need to worry about this. While I understand the urge to disable Windows Update, it’s important to use it because Windows releases “hotfixes” once in a while that will make your computer safer. I cannot stress how important it is to keep up to date with everything Microsoft offers, as it might benefit you in the battle against hackers. Every time a security hole is exploited, Microsoft quickly finds out about it and tries to develop countermeasures. Failing to receive updates will keep you out of the loop. If you host a server on Windows, the responsibility requirement to update grows tenfold.

4. Go on a Service Killing Spree

You might already be familiar with the fact that Windows runs tons of services that don’t really do anything for you if you don’t use them. Some of them even leave gaping holes in your computer’s security. If you don’t know how to disable a service, read the third section of this article, which teaches you how to reach the services window. If you want to disable a service, right-click the service, click “Properties,” expand the drop-down menu next to “Startup type,” and select “Disabled” from the list. Once you click “OK,” the service will no longer run on your computer. Now that we have established how to disable a service, do this to the following services:

  • Any service with “Homegroup” in the name – Disable these services only if you don’t plan to use the homegroup features in Windows. If you don’t know what a homegroup is, just disable the services.
  • Remote Registry – As the name implies, this service lets others look into your registry and modify it as they please. Would you allow a random stranger to hold the keys to your car?
  • TCP/IP NetBIOS Helper – You already know what NetBIOS does to your computer. This service helps it run properly.
  • Server – This service allows sharing files and printers, which you don’t do anymore. Put a lid on the problem by disabling this service.
  • Computer Browser – This is what allows others to see the contents of your computer in the first place. Disable it if you don’t use it.

Disabling what these services support is only half the job. If you don’t disable the services themselves, you still could end up with very gruesome vulnerabilities that will make your computer a hacker’s haven.

Firewall & Antivirus

While the majority of you might feel this is a little redundant, some people still don’t understand the concept of locking the front door in their house. That’s exactly what the combination of a firewall and antivirus application does to your computer. An hour of aimless browsing without an antivirus app can easily turn your computer into a Petri dish full of infections and malware. Remember, though, that a virus can infiltrate your computer only if you execute it directly or indirectly.

Indirect infiltration happens when you install a program that asks you to install some third-party application that will benefit you in some way or another. The program might not have a virus, but the third party app may be infected.

Even with an antivirus program installed, I highly suggest that you execute only applications that come from trusted sources, like Microsoft, Apple, and Adobe. If you’re suspicious about an executable file (EXE), upload it here to have it checked for viruses through a comprehensive engine that checks through many different antivirus applications. Good luck and happy surfing.

Photo Credit – flickr

Miguel Leiva-Gomez
Miguel Leiva-Gomez

Miguel has been a business growth and technology expert for more than a decade and has written software for even longer. From his little castle in Romania, he presents cold and analytical perspectives to things that affect the tech world.

Subscribe to our newsletter!

Our latest tutorials delivered straight to your inbox