Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Look up keyword
Like this
1Activity
0 of .
Results for:
No results containing your search query
P. 1
Securing Microsoft Windows

Securing Microsoft Windows

Ratings: (0)|Views: 8|Likes:
Published by Bernard A Ekoh

More info:

Published by: Bernard A Ekoh on Nov 06, 2009
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

02/01/2013

pdf

text

original

Securing Microsoft
Windows
(2000/XP/2003)
by Guillaume Kaddouch, November 2006
INDEX TABLE
INTRODUCTION.................................................................................... 3
I \u2013 KEEPING YOUR WINDOWS UP TO DATE...........................................4
1.1. Enabling Automatic Windows Update........................................................ 4
1.2. Checking Microsoft Office updates............................................................. 5
II - CONFIGURING WINDOWS SERVICES..............................................6
2.1. Disabling unneeded Windows services...................................................... 6
2.2. Setting services startup to manual............................................................ 9
III \u2013 REMOVING UNNEEDED PROGRAMS AT STARTUP........................ 10
IV - RUNNING EXPOSED PROGRAMS WITH RESTRICTED RIGHTS....... 11

4.1. Identifying 'critical' or 'exposed' applications..........................................11 4.2. Setting restricted rights for a given program (WinXP PRO/Win2K3)....... 11 4.3. Setting restricted rights for a given program (WinXP Home/Win2K).......14

V - CONFIGURING FILES AND EXTENSIONS DISPLAY......................... 15
VI - SETTING UP STRONG PASSWORDS.............................................. 16
6.1. Password complexity............................................................................... 16
6.2. Password diversity.................................................................................. 16
CONCLUSION.......................................................................................18
Securing Microsoft Windows
2/18
Guillaume Kaddouch
INTRODUCTION

This guide is for the average user or a new user who just bought a computer, and is willing to secure his Windows Operating System. This guide does not contain complex tips meant for advanced users, but rather the basis of Windows security for everyday use. There is nothing incredible or until now unknown in this guide, so if you are looking at this, you can skip it. The purpose of this paper is to help you configuring securely your OS, and to disable some default dangerous settings.

Lastly, I have came across badly infected computers, and some of them had at least one antivirus, and even a firewall. Nowadays malware are more aggressive than ever, and are more and more using user-mode rootkits to hide their files and processes, while attacking your main security applications to disable them. Some of these infected systems were not without any security, but the users have randomly added some security software without understanding what they were doing. Security is not a setup executable that you can install and forget, but instead a global process, beginning with the OS (configuring it), and requiring understanding and awareness from the one who is securing his system.

Usually, when you first get a computer and are asking for advices to secure it, you are often told to install various security software, such as an antivirus. However, following this way, you are adding security on the top of something insecure by default, your Operating System.

Windows is your security foundations, if it is weak, then everything on top of it can collapse. For instance, a malware could exploit a known Windows vulnerability in a service running by default, to execute, but if this vulnerability is patched, and that this service is disabled, then the malware is dead in it's track. Thus, you must take care of Windows itself first, this is as critical as making the foundations of a building.

In what follows, we will see together how to decrease your exposure to various threats, by disabling unneeded Windows services, configuring few Windows options, setting up updates, controlling what is starting up, setting strong passwords, and by setting up some critical programs rights and privileges.

This guide applies to Windows XP Home Edition and Professional Edition, Windows 2000, and Windows 2003. However, some general advices are true for all OS, so it's still good to read this guide even if you have Windows 98.

Securing Microsoft Windows
3/18
Guillaume Kaddouch

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->