Hi all, this is my first time really working with a windows machine. I am strictly a linux/free software person, but I have to run windows because the manufacture of my printer has not released drivers for the printer for other os...es and also no binaries to write a 3rd party driver (for linux for instance). So i ripped apart an old laptop and am making a really small, remote administered (via vnc) print server for the other pcs on my network (linux boxes).
I am writing because I am really concerned about the security of my network, "post windows plugin". I know that windows is monstrously insecure. What I want to do is basically isolate the windows pc as much as possible by shutting down virtually everything not related to printing or VNC serving and using my router to basically deny any connections to or from the WAN to the ip of the windows box. I would like to turn off everything I can and disable as much as I can on the windows box... basically cripple it so that it cant comprimise my otherwise secure network. My question is whether someone can point me in the right direction for a guide for doing something like this, has any suggestions or has done anything similar and has any advice. I am really concerned about viruses and trojans and all the other garbage I have basically not had to worry about with an all *nix network and a decent firewall. Can anyone help out someone new to windows? I dont think I will have any problems setting up the VNC or the shared printing, I just need to know what services need to be running/ what ports must be open on the windows machine for these two services, and also what sort of risks still will exist despite the fact that this pc will never be used to connect to the internet and will also never connect to anything (hopefully), outside of my LAN. Thanks for any help! Sorry if this is a little bit rambling!

bvg

hmm so youre not going to have this set up for internet period? cause if not then you really have no worries at all, theres at least 30 basic tasks that should be running in order for the puter to run properly. let me see if i can name them for you

explorer.exe
svchost.exe times about 7 of them there should be
winlogon.exe
lsass.exe
services.exe
rundll32.exe x2
system
system idle process
smss.exe
csrss.exe
spoolsv.exe which i believe is printer related
jusched.exe which is the java applet but not nec.
those should be about the main task manager (ctrl alt del) functions that should be running while the system is on but you may also look in msconfig, hit the start go to run and type msconfig, and then go to services there. you should find all the services that are started on the system, and it sorta tells you a bit about what they are, most of the microsoft ones though youre going to want to leave on. if youre only networking the printer u shouldnt really have much to worry about as far as the other systems go and the netowrk conntections, most things ie; hackers, etc. arent going to be able to get in through there and if theres no internet connection they cant really get in through the ports.

hope this helps some email me if you have some other questions

kitty

cool, thanks, I guess if i use the router to disallow network connections from outside my lan... then I should be ok. thanks!!