From: PA Bear [MS MVP] on
[[Forwarded to WinXP Networking NG via crosspost]]

RB wrote:
> I have successfully implemented the following on my LAN and would
> like input and criticism as the effectiveness of said items and where
> I should have done more or different.
> 1. I implemented the Classic Share via disabling Simple File Sharing
> on WinXP pro on all nodes.
> 2. I created a user accts for each user on every node in Lan (with their
> pswds) and gave each user a shared folder on each node with pertinent
> share permissions and NTFS group access.
> 3. I created another user limited acct named BrowseWeb and did not
> give it a pswd nor did I create any new folders with access permissions
> nor any NTFS access rights for said user acct.
> However I surmise the acct's Documents and Settings folders created by
> the system for the BrowseWeb acct would be lan accessible except I did
> not give this user acct a pswd and I disabled the guest acct on all
> nodes. So while using this acct to browse the internet, it is not
> possible to access another node.
> This all seems to work well, and I surmise I am somewhat more secure than
> I
> was with no passwords. And now I can designate which folders I want shared
> by which users as opposed to all users seeing any shared folders outside
> of
> their Documents and Settings folders. Of course I have a NAT router and
> use AES encryption with a very long key on the wireless port.