Partager via


Print Server Security (Windows Embedded CE 6.0)

1/6/2010

A print server has potential security risks because it supports the transfer of unencrypted, clear-text files over a network. Running a print server device on a public network may expose the device to the typical security concerns associated with networking. The print server is not designed to be run on a public network, and Microsoft strongly recommends that you use this server only on a private network.

Best Practices

Enable a firewall on your network device

For enterprise environments, Microsoft recommends the use of a network firewall with intrusion protection, such as Microsoft Internet Security and Acceleration (ISA) Server. For more information, visit this Microsoft Web site.

For non-enterprise environments or for added protection, Microsoft recommends that you include and configure the Windows Embedded CE Firewall on the network device. For more information about the Windows Embedded CE IP Firewall and how to configure it, see Firewall.

For information about configuring the IP firewall to properly manage traffic destined for the internal network, see IP Firewall Reference.

Use authentication

Use NTLM version 2 authentication to limit access to known users only.

For information about NTLM, see NTLM Security Support Provider.

Default Registry Settings

You should be aware of the registry settings that impact security. If a value has security implications you will find a Security Note in the registry settings documentation.

For Print Server registry information, see Print Server Registry Settings.

Ports

The following table shows the ports that the File Server and Print Server listen to.

Port number Description

137

TCP/ UDP (name service)

138

UDP (for communication through a mailslot)

139

NetBIOS over TCP/IP (NetBT)

445

TCP

See Also

Concepts

Print Server Registry Settings

Other Resources

Print Server
Enhancing the Security of a Device