Linked by Alcibiades on Wed 4th Jan 2006 18:04 UTC
Windows Like a lot of people who have worked in the business, I find myself in conversations about computer security with people who are having problems or know people who have problems. I wrote this to save me from explaining the same thing over and over again to different people, and to save them the trouble of having to make notes as we talked. It was meant to be something you could give to a 'naive user' and have them be able to read and follow it more or less unaided, and while not being a complete guide, at least be something that made them more secure than before they got it.
Permalink for comment 81758
To read all comments associated with this story, please click here.
Securing windows xp step by step
by SEJeff on Wed 4th Jan 2006 20:16 UTC
SEJeff
Member since:
2005-11-05

1.) Enable automatic updates
2.) Download and install the Zonealarm firewall for free from http://www.zonealarm.com the windows firewall is pretty much crap
3.) Open up services.msc and disable many of the "unneeded" services. More information is available in the google cached version of Black Viper's services guide: http://tinyurl.com/dcq5b DCOM, Messager, UPNP
are a few I remember off the top of my head.
4.) Install firefox and remove all references to IE from the desktop / start menu. Set firefox shortcuts
with the IE Icon in C:Program FilesInternet Exploreriexplore.exe
5.) Install adblock with the adblock filterset.g updater and make sure to update the rulesets. This blocks many of the "click me to download evil.exe" banner ads.
6.) Install all of the software the user needs and take them out of the Administrators / Power Users groups in the User control panel, or through mmc.
7.) Install the Microsoft Antispyware, Ad-aware, Spybot Search and Destroy trio and set them to run nightly when the user will be asleep.
http://www.microsoft.com/athome/security/spyware/software/default.m...
http://www.lavasoftusa.com/software/adaware/
http://www.safer-networking.org/en/download/
8.) Don't let the user use Outlook! Mozilla thunderbird
or a webmail service like gmail/hotmail are perfectly
fine.

If you are super paranoid, secure windows xp according
to the US National Security Agency guidelines:
http://nsa2.www.conxion.com/winxp/

Properly following these steps and teaching the user
about evil things like email worms and bad websites
will prevent the inevitable for much longer...

Edit: I got tired of this crap on my parents PC,
they now use a customized version of Ubuntu and love it!

Edited 2006-01-04 20:19

Reply Score: 1