For WinXP (Home or Pro), you may want to check out Home User Self-Defense at
http://www.uksecurityonline.com/husdg/windowsxp/wxpp2.php, which has a lot
of information for disabling unnecessary services.
From there, put on a firewall and antivirus, and keep it up to date.
Good luck!
Dave
----- Original Message -----
From: "Anderson, Kelly" <kjanders (at) umich (dot) edu [email concealed]>
To: <focus-ms (at) securityfocus (dot) com [email concealed]>
Sent: Wednesday, September 10, 2003 10:01 AM
Subject: Security for Win XP Home
Hello. I'm trying to advise a friend about how to better secure his
WinXP Home machine, and have not found anything that explains how this
can be done. This is a home machine, on an always-on cable modem, with
very un-savvy users.
All the books on XP Home I've found are pretty dumbed-down. And most of
the articles I've found discuss XP Pro and include a "blurb" about
such-and-such not being available in XP Home. Thus far, I've discovered
that the Local Users and Groups is not available, and that all
connections authenticate as "guest". This is uncomfortable for someone
who deals with domain security.
For instance, it seems that to get administrator access, one must boot
to safe mode? And what about local security policies? I'm very
familiar with locking down an XP Pro machine, both inside and outside
Active Directory domains, but can't seem to understand what's up with
Home. Anyone have any advice?
-Kelly
***********************************************
Kelly J. Anderson, MCSE
Windows 2000 Infrastructure
University of Michigan
http://www.umich.edu/~lannos/win2000
***********************************************
------------------------------------------------------------------------
---
KaVaDo provides the first and only integrated Web application scanner and
firewall security suite that prevent Web applications attacks, the most
common form of online exploitation. Download a FREE whitepaper on Security
Policy Automation for Web Applications.
http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
KaVaDo provides the first and only integrated Web application scanner and
firewall security suite that prevent Web applications attacks, the most
common form of online exploitation. Download a FREE whitepaper on Security Policy Automation for Web Applications.
http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
------------------------------------------------------------------------
---
For WinXP (Home or Pro), you may want to check out Home User Self-Defense at
http://www.uksecurityonline.com/husdg/windowsxp/wxpp2.php, which has a lot
of information for disabling unnecessary services.
From there, put on a firewall and antivirus, and keep it up to date.
Good luck!
Dave
----- Original Message -----
From: "Anderson, Kelly" <kjanders (at) umich (dot) edu [email concealed]>
To: <focus-ms (at) securityfocus (dot) com [email concealed]>
Sent: Wednesday, September 10, 2003 10:01 AM
Subject: Security for Win XP Home
Hello. I'm trying to advise a friend about how to better secure his
WinXP Home machine, and have not found anything that explains how this
can be done. This is a home machine, on an always-on cable modem, with
very un-savvy users.
All the books on XP Home I've found are pretty dumbed-down. And most of
the articles I've found discuss XP Pro and include a "blurb" about
such-and-such not being available in XP Home. Thus far, I've discovered
that the Local Users and Groups is not available, and that all
connections authenticate as "guest". This is uncomfortable for someone
who deals with domain security.
For instance, it seems that to get administrator access, one must boot
to safe mode? And what about local security policies? I'm very
familiar with locking down an XP Pro machine, both inside and outside
Active Directory domains, but can't seem to understand what's up with
Home. Anyone have any advice?
-Kelly
***********************************************
Kelly J. Anderson, MCSE
Windows 2000 Infrastructure
University of Michigan
http://www.umich.edu/~lannos/win2000
***********************************************
------------------------------------------------------------------------
---
KaVaDo provides the first and only integrated Web application scanner and
firewall security suite that prevent Web applications attacks, the most
common form of online exploitation. Download a FREE whitepaper on Security
Policy Automation for Web Applications.
http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
KaVaDo provides the first and only integrated Web application scanner and
firewall security suite that prevent Web applications attacks, the most
common form of online exploitation. Download a FREE whitepaper on Security Policy Automation for Web Applications.
http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
------------------------------------------------------------------------
---
[ reply ]