If any of your LAN based resources are exposed to the Internet or to other TCP/IP based network segments that may be linked to the Internet, it would be in your best interest to unbind TCP/IP from File and Printer sharing services, and use NetBEUI in stead.

What we have outlined below also applies to those using IPX/SPX. All you need to do differently would be to enable NetBIOS over IPX/SPX, substitute "IPX/SPX" for "NetBEUI" in the following instructions, and you will be good to go.

Setting up NetBEUI protocol for file and Printer sharing is not difficult -it can just be a bit time-consuming and tedious if you have several computers that needs to be reconfigured and rebooted. It is important, however, that you unbind TCP/IP and bind NetBEUI on every single computer on your LAN because all it takes is one vulnerable computer to let an intruder sneak in.

Here is a step-by-step howto on setting up NetBEUI for file and print sharing:

• Go to Network Control Panel: If you are on Windows XP, go to Control Panel, Network Connections, Local Area Connections, then click on Properties button. On Windows 9x, go to Control Panel, Network Connections, and select Configuration tab.
  
• Install NetBEUI protocol if Needed: If you do not have any entries (in the list of installed items) that begin with NetBEUI, you need to install it.

  While on this screen, click on Add (win 9x) or Install (Win XP), then double click on Protocol to open the Network Protocol window, Select Microsoft, and then Select NetBEUI.

  Windows will look for any needed files and install them for you. You may be prompted for your installation disks. When Windows has finished installing NetBEUI, it will prompt you to reboot. Save any open files, close all programs, and then let it reboot your system.

• Bind NetBEUI to your NIC: Check the box to bind NetBEUI to your network adapter.
  
• Reboot: What can we say!
  
• Verify Protocols Bound to your NIC: Go to the Network Control Panel, and double click on your Network adapter. You should see NetBEUI bound to your NIC and to any other network adapters (Ethernet cards, and Dial-up adapters, etc.) you may have in your system. You will also see TCP/IP bound to your network adapter because that is what your NIC would still need for connecting to the Internet.
  
• Verify NetBEUI binding to Clients and Services: Since we wish to bind NetBEUI to File and Printer Sharing services on your computer, we need to have it bound to Clients and Services as well.
  
• Verify NetBEUI is bound to MS Client, File and Print Sharing: If not there already, go to your network adapter, and double click on NetBEUI. It should be bound to Client for Microsoft Networks and to File and Printer sharing for Microsoft Networks. If NetBEUI is not bound to any of the above, check appropriate boxes to bind it to them.
  
• Unbind TCP/IP from Clients and Services: This is what actually isolates your computer from any TCP/IP based exposure from your WLAN -and from the Internet.

  Double click on TCP/IP that is bound to your NIC, go to Bindings tab and uncheck Client for Microsoft Networks and File and Printer sharing for Microsoft Networks. You need to uncheck Microsoft Family Logon too if TCP/IP is bound to it. You do not have to reboot your system after this because we still have some more unbinding to do.

  Repeat the above steps for every copy of TCP/IP that may be bound to any other network interfaces installed on your system.

• Reboot
  
• Review Your File/Printer Shares: Do you still need to share those files and folders? If not, deactivate those shares.
  
• Use Strong passwords: Any resources that you need to share should be setup with strong passwords. Use long passwords that contain a combination of alpha-numeric and punctuation marks. Do not use your administrative account password for file and printer shares.

Repeat this on ALL your computers. It takes one insecure computer to bring down your entire LAN. Therefore, you need to ascertain that your have removed TCP/IP binding from ALL your file/printer shares on each and every one of your LAN based computers, and have replaced it with NetBEUI.

You should have someone who specializes in securing WLANs take a close look at your network from the outside (Internet) and identify any vulnerabilities that may still exist in your setup.