0

I do not know if this is possible or practical, so I was wondering what you guys thought.

Heres the story behind it:

I currently share my pc with 4 other users, and am currently running win XP pro. I have my pc locked down as much as possible, but of course, its not enough, the amount of programs I have to remove daily is rediculous. Im not going to get into the reason because it would take too much time, but I cannot simply cut off these users, I need to restrict them more.

Heres what I want to do:

Other than windows xp pro, I also Have Windows Server 2003 Enterprise edition. I have read and know about features that allow me to lock down a pc VERY tight in a standard client/server setup. Only 1 problem, I only have 1 pc. Is it possible to dual boot my pc, run both versions of windows at the same time, and force my windows xp pro logins to go through my "server" located on another partition?

3
Contributors
5
Replies
6
Views
12 Years
Discussion Span
Last Post by pcschrottie
0

I am quite certain you are at a crossroads. A client & server crossroads.
In order to do this correctly youll need to have at least two machines.
one runing server 2003 and the client(s) running XP Pro.
Time to get some hardware.

You CAN load both of these OSs onto two different HDs but you will not be able to
run them simultaneously and both will be registered to the same chunk of hardware
which can make for lisc. nightmares.

CDW is always running great deals on IBM tower servers, some not that powerful
but for under 700$ you can get a pretty beefy system that can do the trick.

As for nasties getting into your system I would advise a simple hardware firewall
manageable from inside your networks. LinkSys offers many low cost soloutions
for firewall/routing that also include VPN capability and will allow you to block all kinds
of traffic. you should only require a few ports to be open to surf the web & read email.

I wouldnt allow users anything more than basic priveledges on the
client. They tend to install crap that shouldnt be there and that just
opens you up to a whole slew of vulnerabilities.

Good luck & happy hunting,
Cain

0

Do all the users use the same account on the XP Pro machine? If so, create a restricted account (for each one of them) and protect the admin-account with a password.


Michael

0

No I have accounts setup, my fiancee and I share 1 admin account, and the other 3 share another one, the only problem is that I have to give them admin access because in Windows XP, it does not allow anyone to play a game off of a cd-rom without having admin access. That is why I want to setup the server/client network, because that way I can restrict all .exe's from running, but also allow exceptions based on user profiles.

0

Nicely written. That is what I thought was going to happen, but even for under $700 I do not have the money to go out and purchase one, I think I will just try getting a few basic parts (motherboard, processor, ram, hd, basic vid card) and then just attempt the client/server. My second pc is broken, so I am in the process of fixing that one, after that I will instal server 2003 on my main pc, and instal xp pro on the client machine. Thanks for the input. ~Dustin

I am quite certain you are at a crossroads. A client & server crossroads.
In order to do this correctly youll need to have at least two machines.
one runing server 2003 and the client(s) running XP Pro.
Time to get some hardware.

You CAN load both of these OSs onto two different HDs but you will not be able to
run them simultaneously and both will be registered to the same chunk of hardware
which can make for lisc. nightmares.

CDW is always running great deals on IBM tower servers, some not that powerful
but for under 700$ you can get a pretty beefy system that can do the trick.

As for nasties getting into your system I would advise a simple hardware firewall
manageable from inside your networks. LinkSys offers many low cost soloutions
for firewall/routing that also include VPN capability and will allow you to block all kinds
of traffic. you should only require a few ports to be open to surf the web & read email.

I wouldnt allow users anything more than basic priveledges on the
client. They tend to install crap that shouldnt be there and that just
opens you up to a whole slew of vulnerabilities.

Good luck & happy hunting,
Cain

0

XP Prof. has a VERY advanved user-rights management, why not get familiar with it a little bit more.

Michael

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.