Skip to main content

Securing XP

1. NTFS Partition.
2. Disable Error Reporting
3. Disable Automatic Updates (only if your XP copy is pirated)
4. Disable "Recent Documents" Viewed
5. Setup XP Firewall
6. Setup screensaver password
7. Setup BIOS password
8. Setup "AfterBios" login password
9. Account Modifications
-Rename Admin Account
-Disable Guest Account
-Disable Help_Assistant Account
-Disable Support Account
10. Install a virus scanner.
11. Change Login Screen (default shows usernames)
12. Disable Remote Registry (and other services)
13. Disable/Change Auto-Search settings in IE.

1. NTFS Partition.
Be sure to install XP onto an NTFS partition so that you (the admin) can take advantage
of file permissions. You want this option so that "you" can decide who reads, writes,
executes what files.

If you didnt install XP onto an NTFS partition. Convert It. To convert to NTFS follow
the instructions below.

Open a command prompt and type "convert c: /FT:NTFS /v"
This command will convert your c: partition from FAT to NTFS in verbose mode.

2. Disable Error Reporting.
we dont want microsoft to know everytime we fuck up. especially if we didnt pay for winxp.

control panel > performance and maintenance > system > advanced > error reporting (disable all) right click "my computer" > manage > services and applications > services > " stop and disable" Error Reporting.

3. Disable automatic updates.
To update, they must know what we have. thats a NO NO!

NOTE: DO THIS ONLY IF YOUR COPY OF XP IS PIRATED!! I suggest "auto update" if your copy of XP is legal. If your copy is pirated then i suggest that you stay updated with the latest fixes and patches manually.

control panel > performance and maintenance > system > automatic updates (disable updates)

right click "my computer" > manage > services and applications > services > " stop and disable" Automatic Updates.

4. Disable "Recent Documents" Viewed.
Quit listing most recent documents opened under the start button.

control panel > appearance and themes > task bar and start menu > start menu >
customize > advanced

remove the checkmark next to "List my most recently opened documents".

5. Setup XP Firewall.
Before this change, i scanned my xp box and found it to have many ports wide open. After this change, I found nothing and xp logged the attempts in c:\windows\pfirewall.log.

control panel > network connections > right click "local area connection" > properties
> advanced > check the box under "Internet Connection Firewall" then choose "settings".

Services Tab - leave all unchecked unless there is a service you are running that people
must be able to access.

Logging Options - Log everything.

ICMP - I left all these unchecked for the time being. (allowing nothing)

(this does not protect you from "Spy Ware". This only stops traffic from coming into
your win-xp box (not all traffic). It does not stop traffic from going out.) If you
need to stop traffic from going out and need a more secure firewall then download a real
firewall like "zone alarm or black ice".

6. Setup screensaver password.
Setting a screensaver password incase you leave some of that secret pr0n open when you walk away.

right click on the desktop > properties > screen saver > check the box next to " On
Resume, Password Protect."

If you dont have a password set on your user account, you can do so in control panel >
user accounts > change account.

7. Setting a BIOS password.
We dont want anyone rebooting the computer or trying to sneak into our pr0n while we are away at school or work.

I cant explain to one how this is done due to the differences between all computers and
how the BIOS settings are entered. If you know what Im talking about then do it. If you
dont know what Im talking bout then learn how to do it. A screensaver password is useless
unless you setup a BIOS password.

8. Setting up the "AfterBios" password.
Sometimes bios passwords are easily cracked. This password will add extra local login security incase your bios pass is crax0red. I dont know bout you but i love having to type in 3 passwds and a username to login to my box.

Start > run > type "syskey" > choose "update" > choose "Password Startup" > enter a
password and choose ok.
9. Renaming and Disabling Accounts for adminstrator, guest, help_assistant and support.
Right click my_computer > manage > local users and groups
rename administrator account
disable guest account
disable help_assistant account
disable support account

10. Install Virus Protection.
Install a virus scanner. Your firewall might protect your system from unwanted hackers but
what about an unwanted virus or trojan?. I recommend installing a virus scanner such as
"Nortons" or "McAfee".

11. Change Default Login Screen.
Xp uses the "welcome screen" by default. This screen has the names of all accounts on the
system so that the user only has to click on their name and type a password. Come on now....
We arent that damn lazy. If we change this screen to the normal login, then prying eyes
will have to know a username and password to get in. Follow the instruction below to change
this.

control panel > user accounts > change the way users log on or off

uncheck the box next to "Use Welcome Screen" and choose "apply options".

12. Disable Remote Registry.
right click "my computer" > manage > services and applications > services > " stop and disable" Remote Registry.

NOTE: disable any services running in this area that you arent using.

13. Disable/Change Auto-search in Internet Explorer.
This is not really a security risk but it is important to some people that prefer to keep their internet surfing to themselves and away from microsoft.

Open Internet Explorer > Click the "search" button > click the "customize" button > click
"autosearch settings" > FOLLOW INSTRUCTIONS BELOW...

DISABLE: In the "When Searching" drop down menu, select "Do not search from the address bar". > click "ok" > "ok". Type an invalid address in your address bar and see if it
takes you to the msn search page or if it gives a "page not found" error. In this
case, the "page not found" error is what we want.

CHANGE: If you wish not to disable, but you wish to change it to your favorite "google.com"
search page. Instead of following the "DISABLE" instructions, follow the instructions
below. Choose "Google Sites (or whatever you prefer)" from the "choose a search provider
to search from address bar" drop down menu > click "ok" > "ok"
Labels:

Comments

Post a Comment

Popular posts from this blog

Best convertor FF(Format factory)

To Download FORMAT FACTORY free Just click HERE Format Factory is a multifunctional media converter. Provides functions below: All to MP4/3GP/MPG/AVI/WMV/FLV/SWF . All to MP3/WMA/AMR/OGG/AAC/WAV . All to JPG/BMP/PNG/TIF/ICO/GIF/TGA . Rip DVD to video file , Rip Music CD to audio file. MP4 files support iPod/iPhone/PSP/BlackBerry format. Supports RMVB , Watermark , AV Mux.  Format Factory's Feature: 1 support converting all popular video,audio,picture formats to others. 2 Repair damaged video and audio file. 3 Reducing Multimedia file size. 4 Support iphone,ipod multimedia file formats. 5 Picture converting supports Zoom,Rotate/Flip,tags. 6 DVD Ripper . 7 Supports 56 languages OS requirements: All Windows OS
Post a Comment
Read more

How to modify exe

learn how to change *.exe files, in 5 easy steps: 1) Don't try to modify a prog by editing his source in a dissasembler.Why? Cause that's for programmers and assembly experts only. try to view it in hex you'll only get tons of crap you don't understand. First off, you need Resource Hacker(last version). It's a resource editor- very easy to use, You can download it at h**p://www.users.on.net/johnson/resourcehacker/ 2) Unzip the archive, and run ResHacker.exe. You can check out the help file too 3) You will see that the interface is simple and clean. Go to the menu FileOpen or press Ctrl+O to open a file. Browse your way to the file you would like to edit. You can edit *.exe, *.dll, *.ocx, *.scr and *.cpl files, but this tutorial is to teach you how to edit *.exe files, so open one. 4) In the left side of the screen a list of sections will appear. The most common sections are -String table; -RCData; -Dialog; -Cursor group; -Bitmap; -WAV. *Icon: You can wiew and change
Post a Comment
Read more

One-click PC shut down

This is really very easy one but very effective one. Enjoy it! First, create a shortcut on your desktop by right-clicking on the desktop, choosing New, and then choosing Shortcut. The Create Shortcut Wizard appears. In the box asking for the location of the shortcut, type shutdown. After you create the shortcut, double-clicking on it will shut down your PC. But you can do much more with a shutdown shortcut than merely shut down your PC. You can add any combination of several switches to do extra duty, like this shutdown -r -t 01 -c “Rebooting your PC” Double-clicking on that shortcut will reboot your PC after a one-second delay and display the message “Rebooting your PC.” The shutdown command includes a variety of switches you can use to customize it. Table 1-3 lists all of them and describes their use. I use this technique to create two shutdown shortcuts on my desktop—one for turning off my PC, and one for rebooting. Here are the ones I use: shutdown -s -t 03 -c “Bye Bye!” shutdo
Post a Comment
Read more