Windows XP Professional Tutorial
- System Changes
- Administrator Account
- Guest Account
- Local Security Settings
- System Restore
- Windows Update
- Bios Password
- Software
- MBA
- Antivirus
- Firewall
- Anti-Trojan
- Ad-Ware
- Backup
System Changes
Administrator Account:
Windows XP by default has an Administrator account installed. The biggest issue with this is when a hacker looks for an account to log onto; this is usually his first choice. To avoid the problems with this you should do two things.
Rename the Administrator Account and password protect it:
Right-click “My Computer”, and choose manage. From this window, choose “Local Users and Groups”, press the maximize button. Choose the users folder. Right click your administrator account and press rename. Choose a different name. Next, from the menu option “Action” (From the toolbar) choose new user. Name this new account administrator. Now put an extremely strong password on it, open up notepad and just slam down the keys, using numbers, letters, and symbols. Make sure it is at least 25 characters long. Simply copy the line, and paste it into the new password field, and then the corresponding re-type password box.
Disable the Guest account:
From the current area we are in, highlight the guest account, right-click it and select rename, choose an alternate name.
Then right-click it again and selected properties, in this new window select “Account is Disabled”. The guest account is no longer a threat.
Local Security Settings:
To do this right-click the start button, and choose properties. From the “Start Menu” tab, next to your choice of which start menu you prefer click “Customize”. From this new window choose the advanced tab. Scroll down to “System Administrative Tools” option. Press Display on all programs menu. Press ok, and then in the new window press apply.
“Start –> All Programs –> Administrative Tools –> Local Security Policy.”
From this new window choose “Local Policies” on the right side. Choose, “Security Options”. Search through the list for options interesting you. Some pertain to password auditing, which is logging of invalid passwords entered. And others are about restrictions you can place on users and groups.
Disable unsafe settings:
Scroll down to, “Devices: Restrict floppy access to locally logged-on users”.
Right Click, Go to Properties and Disable this option.
Scroll down to, “Devices: Restrict CD-ROM access to locally logged-on users”.
Right Click, Go to Properties and Disable this option.
Then go down to “Recovery Console: …
Make sure that both of these options are disabled.
Exit out.
System Restore:
Right-Click my computer, and choose “Properties”. Go to the “Remote” tab, and make sure that both of these options are unchecked.
Next go under “System Restore”, and uncheck this option.
[This option is another poor excuse for a decent backup program]
Windows Update:
I cannot stress it enough that you use this. If you are one of many who are using less then legitimate copies of Windows XP, under my computer, go to automatic updates and disable it. Go online, to http://windowsupdate.microsoft.com. Download every critical update, except for the current service pack (If Your Copy Is Less then Legal). Then browse through the other updates, and select which ones you need. Some pertain to CD burning, while others install optional programs.
BIOS Password:
Another good option for local security is enabling a BIOS password. Because it loads before the operating system, the only way to remove it is a master password or removing the BIOS battery. In either case it's easy to implement, and should keep most people away.
Reboot your computer, on the startup screen you should see “Enter System Setup” or something similar, and then press the corresponding key to enter. Usually it's F6 (Generally ranges from F2-F8), or on older computers the ‘Del' key. Anyway after pressing the button a blue screen should show up. I cannot give detailed instructions for implementing it since not every computer uses the same BIOS. Here is some general instruction for implementing a BIOS password.
General Instructions:
1) The Option is Generally Located on a Line Titled, “System Password”, “Settings Password”, “Local Password”, or “Boot Password”.
2) Some BIOS's require you to turn this feature on, to do so; highlight ‘Disabled' and click enter. This should change it to “enabled”.
3) If Options are labeled across the top, look for one titled, “Security”.
Software
MBA:
Recently after Microsoft had publicly admitted that their software was not as secure as they had made it seem they released a security auditing program.
Microsoft Baseline Analyzer. This will scan your current computer and any that are connect to your network, and displays a list of: unsafe computer settings, missing updates, and services that do not need run.
Download it from here:
Microsoft Base Analyzer
Antivirus Technology:
It is not wise to cheapen out when it comes to a good Antivirus Program. Make sure to keep constant with the updating of Virus Definitions. It's pointless to keep the software, if the definitions are outdated.
Norton Antivirus 2003:
It can automatically remove worms and Trojan horses, along with viruses. NAV also stops worms from transmitting themselves from your PC, via e-mail or Net connection protocol. It blocks malicious files downloaded from: AIM, MSN Messenger, and Yahoo Messenger. Voted #1 year, after year it's leading the competition, with its new release of NAV 2004.
Note: With new installations of any Norton AntiVirus the subscription period for updates is renewed. Reinstalling the program after the subscriptions run out, allows updates for another year.
Panda Antivirus Titanium:
Following closely in NAV's footsteps, with most of its features enabled during installation. The product also fetches new virus definitions from Panda's site whenever your PC connects to the Net. It is very similar to NAV, in that it has a very user-friendly interface, but does not deteriorate the quality of the program.
McAfee's Virus Scan Home Edition version 7:
With this program you not only receive virus protection, but also a firewall that includes a visual trace route program. In addition, Virus Scan watches for malicious outbound programs, blocks malicious scripts, and annihilates Viruses trying to run in the background.
Firewall Protection:
This is your main defense against attacks on your computer. Shareware, or freeware there is no excuse not to have one.
Programs:
Norton Internet Security:
Again Symantec leads the race with another amazing piece of software. It allows you set program access, parental controls, spam blocking, and all outgoing connections. This program puts all your un-used ports on stealth-mode, and resists all outside attempts to log onto your system.
Black ICE defender:
This piece of software has a few crucial differences. For one, it's designed for stand-alone PCs. And, unlike classic firewall products, it is dynamic, watching for and defending against hack attacks and changing its degree of vigilance and its security strategy depending on what's coming into your PC through the Internet.
Tiny Personal Firewall:
The program offers high, medium, and low security levels. If you're not sure which to choose, the program can operate in learning mode, letting you decide whether to deny or accept data in each situation. You can then establish rules to determine how you want to deal with similar situations in the future. You can also check for digital signatures, and it can restrict applications to certain ports or destination IP addresses. Finally, you can create reports of all intrusion attempts.
Anti-Trojan Software:
Even If you have purchased a good antivirus program, it is recommended that you get an anti-Trojan program. They contain options that are not usually available, such as a port scan and searching the registry for references to Trojans.
The program that simply dominates this area is, The Cleaner. A trial version is available here.
Ad-Ware Removal:
When your computer contains ad-ware, it begins to have an extremely annoying amount of pop-up ads, even when you aren't surfing the web. It also has a tendency to hog system resources, slowing down your computer. It is usually installed through free programs (shareware and freeware). Most programs under this category do what is referred to as “data mining”. They compile a list of websites you visit, and then periodically download the ads associated with your classification. The problem is that it uses your bandwidth to download the files, and takes up space on your hard-drive.
For removal one program above all is recommended. Ad-Aware, has three versions available: Professional, Plus, and Free. For the most part I would recommend the free version available at, http://www.lavasoftusa.com. The updates are free, and the interface is pretty simply. Ad-Aware scans your hard-drive and registry, and then lists what it has detected. Then you simply click the box next to each identified component, and it's gone. It is a good idea to run this program at least once a week.
Backup:
Relying on Microsoft Windows “System Restore” is a mistake made far too many times. Not only does it take up extra space, it almost never works, stating there were errors during the restoration or it was not able to continue. It is highly recommended that if you have any files on your computer that you would like to save, that you get a decent backup program. Most modern backup programs create an Image of your hard drive, known as an ISO. Its' an exact duplicate, except for that fact it is compressed. Which makes it much easier to burn to a CD or transfer to another partition.
This article was originally published by CyberArmy.net in the CyberArmy Library.
|
|