It is important to secure the operating system because during these times viruses are created constantly, and sometimes by individuals of virus prevention companies themselves (secretly or not) to promote their industry. It is similar to the old saying of the glass maker hitting financial difficulty will go around breaking windows in his neighborhood. Or firefighters lighting starting fires themselves (famous movies were even made on this topic).
So to secure a popularly used operating system (Windows XP) would seem like something that is useful for people. The following are steps you can do to secure the OS.
It has some prerequisites, and the main one is the installation of Windows XP Service Pack 3 and Internet Explorer 7. Plus the following updates installed (beforehand by pre-downloading if possible)...
Windows XP Service Pack 3
Internet Explorer 7
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Hotfix for Windows XP (KB952287)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB960715)
Security Update for Windows Media Player (KB952069)
Windows Genuine Advantage Notifications (KB905474)
Follow-ups will be made on different areas that you can do to make it more secure. Each follow-up is normally associated to changes for a particular control panel item.
Securing Windows XP
12 posts
• Page 1 of 2 • 1, 2
Securing Windows XP
by edepot on Sat Feb 21, 2009 6:43 am
- edepot
- Site Admin
- Posts: 379
- Joined: Sat Mar 01, 2008 9:26 pm
System Properties
by edepot on Sat Feb 21, 2009 6:47 am
In Windows XP "System Properties" gadget of Control Panel.
"System Properties" Window
Click: "System Properties" Tab: Advanced.
Click: Performance "Settings" Button
Click: "Performance Options" Tab: Data Execution Prevention.
Select: "Turn on DEP for all programs and services except those I select"
Click: "OK" Button
"System Properties" Window
Click: "System Properties" Tab: Automatic Updates.
Select: Automatic (recommended)
Click: "System Properties" Tab: Remote.
Unselect: "Allow Remote Assistance invitations to be sent from this computer"
Unselect: "Allow users to connect remotely to this computer"
Click: "OK" Button
"System Properties" Window
Click: "System Properties" Tab: Advanced.
Click: Performance "Settings" Button
Click: "Performance Options" Tab: Data Execution Prevention.
Select: "Turn on DEP for all programs and services except those I select"
Click: "OK" Button
"System Properties" Window
Click: "System Properties" Tab: Automatic Updates.
Select: Automatic (recommended)
Click: "System Properties" Tab: Remote.
Unselect: "Allow Remote Assistance invitations to be sent from this computer"
Unselect: "Allow users to connect remotely to this computer"
Click: "OK" Button
- edepot
- Site Admin
- Posts: 379
- Joined: Sat Mar 01, 2008 9:26 pm
Folder Options
by edepot on Sat Feb 21, 2009 7:01 am
In Windows XP "Folder Options" gadget of Control Panel.
"Folder Options" Window:
Click: "Folder Options" Tab: View
Select:
"Display the contents of system folders"
"Display the full path in the title bar"
"Show hidden files and folders"
Unselect:
"Hide extensions for known file types"
"Hide protected operating system files (Recommended)"
Click: "Folder Options" Tab: Offline Files
Unselect: "Enable Offline Files"
Click: "OK" Button
(Note: for Offline Files option to show up you must disable Fast User Switching: see below)
"Folder Options" Window:
Click: "Folder Options" Tab: View
Select:
"Display the contents of system folders"
"Display the full path in the title bar"
"Show hidden files and folders"
Unselect:
"Hide extensions for known file types"
"Hide protected operating system files (Recommended)"
Click: "Folder Options" Tab: Offline Files
Unselect: "Enable Offline Files"
Click: "OK" Button
(Note: for Offline Files option to show up you must disable Fast User Switching: see below)
- edepot
- Site Admin
- Posts: 379
- Joined: Sat Mar 01, 2008 9:26 pm
User Accounts
by edepot on Sat Feb 21, 2009 7:06 am
In Windows XP "User Accounts" gadget of Control Panel.
"User Accounts" Window:
Click: "Change the way users log on or off"
Unselect: "Use Fast User Switching"
Click: "Apply Options" Button
"User Accounts" Window:
Click: "Change the way users log on or off"
Unselect: "Use Fast User Switching"
Click: "Apply Options" Button
- edepot
- Site Admin
- Posts: 379
- Joined: Sat Mar 01, 2008 9:26 pm
Network Connections
by edepot on Sat Feb 21, 2009 7:28 am
In Windows XP "Network Connections" gadget of Control Panel.
For every icon (X) in that window, right click and select properties...
"(X) Connection Properties" Window:
Click: "(X) Connection Properties" Tab: General
Uninstall every item except for "Internet Protocol (TCP/IP)"
Click: "Internet Protocol (TCP/IP)"
Click: "Properties" Button
"Internet Protocol (TCP/IP) Properties Window:
Click: "Internet Protocol (TCP/IP) Properties" Tab: General
Click: "Advanced..." Button
"Advanced TCP/IP Settings" Window:
Click: "Advanced TCP/IP Settings" Tab: WINS
Unselect: Enable LMHOSTS lookup
Select: Disable NetBIOS over TCP/IP
Click: "OK" Button
"Internet Protocol (TCP/IP) Properties" Window:
Click: "OK" Button
Click: "(X) Connection Properties" Tab: Advanced
Click: "Settings..." Button
"Windows Firewall" Window:
Click: "Windows Firewall" Tab: General
Select: "On (recommended)"
Select: "Don't allow exceptions"
Click: "Windows Firewall" Tab: Exceptions
Unselect: Every item you see should be unselected
Click: "OK" Button
"(X) Connection Properties" Window:
Click: "Close" Button
For every icon (X) in that window, right click and select properties...
"(X) Connection Properties" Window:
Click: "(X) Connection Properties" Tab: General
Uninstall every item except for "Internet Protocol (TCP/IP)"
Click: "Internet Protocol (TCP/IP)"
Click: "Properties" Button
"Internet Protocol (TCP/IP) Properties Window:
Click: "Internet Protocol (TCP/IP) Properties" Tab: General
Click: "Advanced..." Button
"Advanced TCP/IP Settings" Window:
Click: "Advanced TCP/IP Settings" Tab: WINS
Unselect: Enable LMHOSTS lookup
Select: Disable NetBIOS over TCP/IP
Click: "OK" Button
"Internet Protocol (TCP/IP) Properties" Window:
Click: "OK" Button
Click: "(X) Connection Properties" Tab: Advanced
Click: "Settings..." Button
"Windows Firewall" Window:
Click: "Windows Firewall" Tab: General
Select: "On (recommended)"
Select: "Don't allow exceptions"
Click: "Windows Firewall" Tab: Exceptions
Unselect: Every item you see should be unselected
Click: "OK" Button
"(X) Connection Properties" Window:
Click: "Close" Button
- edepot
- Site Admin
- Posts: 379
- Joined: Sat Mar 01, 2008 9:26 pm
Add or Remove Programs
by edepot on Sat Feb 21, 2009 7:42 am
In Windows XP "Add or Remove Programs" gadget of Control Panel.
"Add or Remove Programs" Window:
Click: "Add/Remove Windows Components" (near left side of window)
"Windows Components Wizard" Window:
Unselect:
"Internet Information Services (IIS)"
"MSN Explorer"
"Networking Services"
"Other Netowrk File and Print Services"
"Outlook Express"
"Windows Media Player"
"Windows Messenger"
Click: "Next >" Button
Click: "Finish" Button
"Add or Remove Programs" Window:
Click: "Add/Remove Windows Components" (near left side of window)
"Windows Components Wizard" Window:
Unselect:
"Internet Information Services (IIS)"
"MSN Explorer"
"Networking Services"
"Other Netowrk File and Print Services"
"Outlook Express"
"Windows Media Player"
"Windows Messenger"
Click: "Next >" Button
Click: "Finish" Button
- edepot
- Site Admin
- Posts: 379
- Joined: Sat Mar 01, 2008 9:26 pm
Display Properties
by edepot on Sat Feb 21, 2009 8:00 am
In Windows XP "Display Properties" gadget of Control Panel.
"Display Properties" Window:
Click: "Display Properties" Tab: Desktop
Click: "(None)" for the Background
Click: "Display Properties" Tab: Screen Saver
Select: "Blank" for Screen saver
Select: "20" minutes
Select: "On resume, password protect"
Click: "Power..." Button
"Power Options Properties" Window:
Click: "Power Options Properties" Tab: Advanced
Select: "Prompt for password when computer resumes from standby"
Click: "Apply" Button
Click: "OK" Button
"Display Properties" Window:
Click: "Display Properties" Tab: Appearance
Click: "Effects..." Button
"Effects" Window:
Select: "ClearType" in "Use the following method to smooth edges of screen fonts:"
Click: "OK" Button
"Display Properties" Window:
Click: "Apply" Button
Click: "Ok" button
"Display Properties" Window:
Click: "Display Properties" Tab: Desktop
Click: "(None)" for the Background
Click: "Display Properties" Tab: Screen Saver
Select: "Blank" for Screen saver
Select: "20" minutes
Select: "On resume, password protect"
Click: "Power..." Button
"Power Options Properties" Window:
Click: "Power Options Properties" Tab: Advanced
Select: "Prompt for password when computer resumes from standby"
Click: "Apply" Button
Click: "OK" Button
"Display Properties" Window:
Click: "Display Properties" Tab: Appearance
Click: "Effects..." Button
"Effects" Window:
Select: "ClearType" in "Use the following method to smooth edges of screen fonts:"
Click: "OK" Button
"Display Properties" Window:
Click: "Apply" Button
Click: "Ok" button
- edepot
- Site Admin
- Posts: 379
- Joined: Sat Mar 01, 2008 9:26 pm
Internet Properties
by edepot on Sat Feb 21, 2009 11:37 am
In Windows XP "Internet Properties" gadget of Control Panel.
"Internet Properties" Window:
Click: "Internet Properties" Tab: General
Click: "Use blank" Button for Home page
Click: "Internet Properties" Tab: Programs
Click: "Manage add-ons" Button
"Manage Add-ons" Window:
Select: "Add-ons that have been used by Internet Explorer"
Disable the following Add-ons:
"AcroIEHlprObj Class"
"Diagnose Connection Problems..."
"Windows Messenger"
Select: "Add-ons that run without requiring permission"
Disable the following Add-ons:
"Adobe Acrobat Control for ActiveX"
"Shockwave Flash Object"
"HtmlDlgSafeHelper Class"
"InormationCardSinginHelper Class"
"Microsoft Shell UI Helper"
"Scripting.Dictionary"
"Shockwave Flash Object"
"Tabular Data Control"
"Windows Media Player"
Select: "Downloaded ActiveX Controls (32-bit)"
Disable all that are listed
Click: "OK" Button (Confirm if necessary)
"Internet Properties" Window:
Click: "Internet Properties" Tab: Advanced
Unselect: "Enable third-party browser extensions"
Select: "Empty Temporary Internet Files folder when browser is closed"
Click: "Apply" Button
Click" "OK" Button
"Internet Properties" Window:
Click: "Internet Properties" Tab: General
Click: "Use blank" Button for Home page
Click: "Internet Properties" Tab: Programs
Click: "Manage add-ons" Button
"Manage Add-ons" Window:
Select: "Add-ons that have been used by Internet Explorer"
Disable the following Add-ons:
"AcroIEHlprObj Class"
"Diagnose Connection Problems..."
"Windows Messenger"
Select: "Add-ons that run without requiring permission"
Disable the following Add-ons:
"Adobe Acrobat Control for ActiveX"
"Shockwave Flash Object"
"HtmlDlgSafeHelper Class"
"InormationCardSinginHelper Class"
"Microsoft Shell UI Helper"
"Scripting.Dictionary"
"Shockwave Flash Object"
"Tabular Data Control"
"Windows Media Player"
Select: "Downloaded ActiveX Controls (32-bit)"
Disable all that are listed
Click: "OK" Button (Confirm if necessary)
"Internet Properties" Window:
Click: "Internet Properties" Tab: Advanced
Unselect: "Enable third-party browser extensions"
Select: "Empty Temporary Internet Files folder when browser is closed"
Click: "Apply" Button
Click" "OK" Button
- edepot
- Site Admin
- Posts: 379
- Joined: Sat Mar 01, 2008 9:26 pm
Administrative Tools
by edepot on Sat Feb 21, 2009 12:34 pm
In Windows XP "Administrative Tools" gadget of Control Panel
"Administrative Tools" Window:
Open: Services
"Services" Window:
Right click on each of the following entries, choose "Properties", and then "Stop" and select "Disabled" for Startup type...
Many may require a reboot to take effect after you set it to "disabled"
"Application Layer Gateway Service"
"Ati HotKey Pooler"
"Clipbook"
*"DCOM Server Process Launcher" (Needed or windowsupdate.com)
*"Distributed Transaction Coordinator"
"Fast User Switching Compatibility"
"Help and Support"
"Human Interface Device Access"
"Indexing Service"
"NetMeeting Remote Desktop Sharing"
"Network DDE"
"Network DDE DSDM"
*"Network Location Awareness (NLA)"
"Print Spooler"
"Remote Desktop Help Session Manager"
"Remote Registry"
"Routing and Remote Access"
"Secondary Logon"
"Shell Hardware Detection"
"Smart Card"
"SoundMAX Agent Service"
"SSDP Discovery Service"
*"Task Scheduler"
"TCP/IP NetBIOS Helper"
"Telnet"
*"Terminal Services"
"Universal Plug and Play Device Host"
"WebClient"
"Windows Time"
"Wireless Zero Configuration"
"WMI Performance Adapter"
"Administrative Tools" Window:
Open: Services
"Services" Window:
Right click on each of the following entries, choose "Properties", and then "Stop" and select "Disabled" for Startup type...
Many may require a reboot to take effect after you set it to "disabled"
"Application Layer Gateway Service"
"Ati HotKey Pooler"
"Clipbook"
*"DCOM Server Process Launcher" (Needed or windowsupdate.com)
*"Distributed Transaction Coordinator"
"Fast User Switching Compatibility"
"Help and Support"
"Human Interface Device Access"
"Indexing Service"
"NetMeeting Remote Desktop Sharing"
"Network DDE"
"Network DDE DSDM"
*"Network Location Awareness (NLA)"
"Print Spooler"
"Remote Desktop Help Session Manager"
"Remote Registry"
"Routing and Remote Access"
"Secondary Logon"
"Shell Hardware Detection"
"Smart Card"
"SoundMAX Agent Service"
"SSDP Discovery Service"
*"Task Scheduler"
"TCP/IP NetBIOS Helper"
"Telnet"
*"Terminal Services"
"Universal Plug and Play Device Host"
"WebClient"
"Windows Time"
"Wireless Zero Configuration"
"WMI Performance Adapter"
- edepot
- Site Admin
- Posts: 379
- Joined: Sat Mar 01, 2008 9:26 pm
Closing Port 135 and 445
by edepot on Thu Feb 26, 2009 10:22 am
In Windows XP, go to Start->All Programs->Accessories->Command Prompt
Type:
regedit
Registry Editor Window:
Find this key, double click it, and delete the value inside it:
HKEY_LOCAL_MACHINE/System/CurrentControlSet/Services/NetBT/Parameters/TransportBindName
Find this key, double click it, and change the value to N:
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Ole/EnableDCOM
Find this key, double click it, and delete ncacn_ip_tcp inside it:
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Rpc/DCOM_Protocols
Go to File->Exit to exit Registry Editor
Reboot your computer.
Port 445 is closed by the first registry edit above.
Port 135 is closed by the last two registry edit above.
To check if both ports are closed, use this command in the Command Prompt:
netstat -ano
Type:
regedit
Registry Editor Window:
Find this key, double click it, and delete the value inside it:
HKEY_LOCAL_MACHINE/System/CurrentControlSet/Services/NetBT/Parameters/TransportBindName
Find this key, double click it, and change the value to N:
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Ole/EnableDCOM
Find this key, double click it, and delete ncacn_ip_tcp inside it:
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Rpc/DCOM_Protocols
Go to File->Exit to exit Registry Editor
Reboot your computer.
Port 445 is closed by the first registry edit above.
Port 135 is closed by the last two registry edit above.
To check if both ports are closed, use this command in the Command Prompt:
netstat -ano
- edepot
- Site Admin
- Posts: 379
- Joined: Sat Mar 01, 2008 9:26 pm
12 posts
• Page 1 of 2 • 1, 2
Who is online
Users browsing this forum: No registered users and 1 guest