MCTS to MCITP , 70-351 , 70-089 , 70-236 , 70-640 , 70-642 , 70-646 , 70-630 , 70-285 , 83-640: January 2011

Monday, January 17, 2011

Step by Step Block Sharing on Network in Windows 7

Task :
    You need to give an external user VPN Connectivity to work for you but you want him/her to Save any           type of Document on his own machine because the data is  Highly Confidential for the Company.User must be granted Remote Desktop Only One of the most Advance and Secure Feature of Windows 7 has the Advance Security it provides making the Life of "System Administrator" easier.

Solution :

Steps to Block Sharing and Internet Access on a Windows 7 Machine.

For Outgoing Connection Block the Following on Windows 7 Machine.
-          - Disable WorkStation Service.
-          - Disable Netlogon Service.
-          - Disable Computer Browser Service.
as  
      
Procedure : 

O   Open Services Tab and Stop the Following Services.



Disable "WorkStation" Service.



















      
      Disable "Browser" Service.




















Disable "Netlogon" Service.




















This will Block all outgoing Connection from the Source Machine, Netlogon Service is required for Network Sharing.

Now for Incoming Connections Follow these Steps.


Go to Manage Advanced Sharing Connection.
-          - Disable all Options on all networks ( Public,Home,Domain).
  - Only leave the Network Discovery Option set to “ON” for Remote Desktop.


At Command Prompt Enter the Following Command :

Manage Advance Sharing Settings























Disable all the options except the Network Discovery ( This option is used for Remote Desktop Connections ).
Your Network is now safe from Incoming and Outgoing Sharing.
But still user can Send file through Internet, so for that we need to disable internet settings if you are running any Proxy Server. Also Disable TCP/IP Settings.



























































Now restart your Computer or run the following Command :

gpupdate/force

This will do the task Complete.


Note :-
        Just add the User to Remote Desktop Users Group Only, by default a new user in Windows 7 is also in Administrator Group. Remove The user also from Administrator Group.