Tips for securely setting up WinXP operating systems

Windows XP is respected for its stability, strong personal and network capabilities, and its "NT Kernel" allows us to strengthen security protection.


1. General Safety


's so-called "conventional security protection" is to install antivirus software with Windows 981, upgrade the system, and prohibit ping three security methods. To emphasize that Windows XP and its predecessor, Windows 20,001, have an endless stream of vulnerabilities, and that upgrades to the system cannot be as sloppy as Windows 98, in addition to installing Microsoft's "shock wave" patch, it is recommended that Windows XP upgrades to the latest service Pack 1 (increased resource occupancy after the upgrade, but with increased security and stability).


2. Disable Remote Assistance, shielding unused ports


has a feature called Remote Assistance on Windows XP that allows users to send Remote Assistance invitations to friends on MSN to help them solve their problems when they are having trouble using a computer.


The Remote Assistance feature is the manifestation of the RPC (remote Procedure Call) service that the Shockwave virus is trying to attack on Windows XP. It is recommended that you do not use this feature, and you should also install the RPC Vulnerability tool and the shock wave immune program that Microsoft provides before you use it. The way to prevent Remote Assistance is to open the System Properties dialog box (right-click My Computer, properties) and remove "√" from "Allow Remote Assistance invitations from this computer" in the "remote" key.


can restrict ports using the system's own TCP/IP filtering service. The method is as follows: Right-click on Network Connections, select Properties, open the Network Connection Properties dialog box, select Internet Protocol (TCP/IP) in the general item, and then click the Properties button below, in Internet Protocol (TCP/IP) properties window, click the [Advanced] button below, in the Advanced TCP/IP Settings window that pops up, select the options item, click the Properties button below, and finally pop the TCP/IP filter window and add TCP, UDP, IP, respectively, through the "Allow only" radio box in the window. such as network protocol allows the port, does not provide a variety of services, you can screen out all the ports. This is the best form of security precaution.


3. Prohibit Terminal Services remote control


Terminal Services is a form of service that Windows XP leaves behind in Windows 2000 systems, which Windows 2000 uses to implement remote server hosting of this service. Users can realize remote control by using terminal. There is a certain difference between Terminal Services and Remote Assistance. Although the implementation of remote control, Terminal Services more attention to the user's login management rights, its each connection requires the current system of a specific login ID, and mutual isolation, "Terminal Services" independent of the current computer user's invitation, can be independent, Be free to log on to the remote computer.


under Windows XP, Terminal Services is turned on by default, (Windows 2000 systems need to install the appropriate components to enable and use Terminal Services) that is, if someone knows a user's login ID on your computer, and you know the IP of the computer, It can take full control of your computer.


the way to turn off Terminal Services in Windows XP systems is as follows: Right-click "My Computer", "Properties", select "Remote", and remove "√" before "allow users to connect to this computer remotely".


4. Turn off Messenger Service

The
Messenger Service is a communication component of Microsoft's Integrated Windows XP system, which is also opened by default. Use it to send information, as long as you know the other side of the IP, and then enter text, the other side of the desktop will pop up the corresponding text information window, and in the case of the messenger service did not shut down forcibly accepted.


Many users do not know how to close it, and suffer from information harassment. In fact, the method is very simple, go to "Control Panel", select "Administrative Tools", start the inside of the "service" item, and then click on the Messenger Item right button, select "Stop" can be.


5. Prevent IPC default sharing


Windows XP allows any user to get all of the system accounts and shared lists through an empty user connection (ipc$) after the default installation, which is intended to facilitate the sharing of resources and files by users of the LAN, but any remote user can use this empty connection to get your list of users. Hackers use this feature to find the system's user list and use some dictionary tools to attack the system. This is the more popular IPC attack on the Internet.


to prevent IPC attacks should be from the system's default configuration, you can modify the registry to remedy the vulnerability:


The first step: Set the RestrictAnonymous entry for the hkey_local _machine/system/currentcontrolset/control/lsa to "1" to prevent null user connections.


Step Two: Open the Hkey_local_machine/system/currentcontrolset/services/lanmanserver/parameters entry for the registry. (material)


for the server, add the key value "AutoShareServer", the type is "REG_DWORD" and the value is "0".


to the client, add the key value "AutoShareWks", the type is "REG_DWORD" and the value is "0".


6. Rational management of Administrator


Windows 2000/XP System, the system will be installed by default to create an administrator user, which has the highest administrative rights of the computer. And some users at the time of installation, not to the administrator user set password. Hackers take advantage of this and use advanced users to log on to each other's computers. Therefore, individual users should properly keep the "administrator" user information, Windows 2000 logon, requires the administrator user's login password, and Windows XP after normal startup, does not see the administrator user's , it is recommended to use Windows XP users to enter Safe mode, and then in the "User account" item in the Control Panel, add a password for the administrator user, or delete it, so as not to leave a hidden danger.