Securing Windows XP

I know *nothing* of Windows. I am a Linux, Mac, and RISC OS hacker but
have avoided Windows all my life. However, I find myself in the position
of reinstalling Windows XP on a friend's laptop after reformatting to
get rid of a suspected viral infection. I've heard that Windows XP
service pack 2 can be infected within minutes of connecting to the
Internet unless, of course, you know what you're doing and enable all
the security features and disable daemons/services you don't need to
have with listening open ports. I certainly don't know what I'm doing
when it comes to Windows, so I was wondering if anyone could offer a
simple step by step guide to tightening Windows security.

....or point me to a site that will walk me through it.

For instance, right now I'm in the middle of the installation and the
setup "wizard" is asking about the network settings. I chose to do a
custom setup so that I could check that everything looks sane. I'm
fairly experienced at TCP/IP networking, but I don't know anything about
Windows networking concepts such as WINS, LMHOSTS, or NetBIOS. My
inclination is to turn off anything I don't understand, but perhaps that
would be a mistake. I need advice from someone who knows their Windows
security.

Thanks.

--
James Taylor

On 21/07/2006 James Taylor wrote:

>For instance, right now I'm in the middle of the installation and the
>setup "wizard" is asking about the network settings. I chose to do a
>custom setup so that I could check that everything looks sane. I'm
>fairly experienced at TCP/IP networking, but I don't know anything about
>Windows networking concepts such as WINS, LMHOSTS, or NetBIOS. My
>inclination is to turn off anything I don't understand, but perhaps that
>would be a mistake. I need advice from someone who knows their Windows
>security.

If you want to be secure pull the network cable out while installing.

You only need TCP/IP, and that's all that gets installed by default.

After the installation you can set up the network - you'll recognise the
bits you need, IP address, subnet mask, default gateway. Same as Linux in
that you can have fixed IP address or use DHCP.

Once you're happy and the connection is protected by the Windows firewall
re-connect the network cable (if you're sitting behind a decent router
you'll have good protection anyway).

It would be sensible to have an anti virus program, AdAware and SpyBot
Search and Destroy. The best precaution against future infection is safe
hex, you'll have to judge if the user is capable of that!

--
Jeff Gaines - Damerham Hampshire UK
Using XanaNews 1.18.1.3

Jeff Gaines wrote:
> On 21/07/2006 James Taylor wrote:
>
>> For instance, right now I'm in the middle of the installation and the
>> setup "wizard" is asking about the network settings. I chose to do a
>> custom setup so that I could check that everything looks sane. I'm
>> fairly experienced at TCP/IP networking, but I don't know anything about
>> Windows networking concepts such as WINS, LMHOSTS, or NetBIOS. My
>> inclination is to turn off anything I don't understand, but perhaps that
>> would be a mistake. I need advice from someone who knows their Windows
>> security.
>
> If you want to be secure pull the network cable out while installing.
>
> You only need TCP/IP, and that's all that gets installed by default.
>
> After the installation you can set up the network - you'll recognise the
> bits you need, IP address, subnet mask, default gateway. Same as Linux in
> that you can have fixed IP address or use DHCP.
>
> Once you're happy and the connection is protected by the Windows firewall
> re-connect the network cable (if you're sitting behind a decent router
> you'll have good protection anyway).
>
> It would be sensible to have an anti virus program, AdAware and SpyBot
> Search and Destroy. The best precaution against future infection is safe
> hex, you'll have to judge if the user is capable of that!

spyware blaster does a good job of keeping the most virulent spyware sites
from hijacking your system. But in windows, nothing will stop malware when
the user clicks yes.

Gaz

In message <1hiundx.1tahe4v1gy8g3iN%(E-Mail Removed) k.invalid>,
James Taylor <(E-Mail Removed)> writes
>
>when it comes to Windows, so I was wondering if anyone could offer a
>simple step by step guide to tightening Windows security.
Not read it yet but Personal Computer World has an article on securing
XP this month with a step by step guide, might be worth a quick read in
Smiths to see if it looks good to you?
>
>fairly experienced at TCP/IP networking, but I don't know anything about
>Windows networking concepts such as WINS, LMHOSTS, or NetBIOS.
TCP/IP is the only protocol installed by default, you don't need to
configure or even install any other. WINS and LMHOSTS died with NT4
(supported under 2000 for 'mixed' environments) so unless you're on an
*old* network with a server, it really doesn't need to be played with,
it's a non-routable protocol anyway IIRC.
>My
>inclination is to turn off anything I don't understand, but perhaps that
>would be a mistake. I need advice from someone who knows their Windows
>security.
Most stuff was turned off by SP2, slipstream a copy into your install
media if you don't have media with it on, www.theeldergeek.com tells you
how and has some good XP info you might find useful.
>
>Thanks.
>

--
Clint Sharp

James Taylor wrote:
> I know *nothing* of Windows. I am a Linux, Mac, and RISC OS hacker but
> have avoided Windows all my life. However, I find myself in the position
> of reinstalling Windows XP on a friend's laptop after reformatting to
> get rid of a suspected viral infection. I've heard that Windows XP
> service pack 2 can be infected within minutes of connecting to the
> Internet unless, of course, you know what you're doing and enable all
> the security features

That was SP1, SP2 is more secure than SP1 by default. Not to say it's
perfect by any means, but at least the inbuilt firewall is switched on
by default this time and it nags you to install AV software, which is
better. Once AV is installed, getting all the latest Windows Update
patches is a must, accessible from the start menu or at
http://windowsupdate.microsoft.com/

--
"Global warming, earthquakes, hurricanes, and other natural
disasters are a direct effect of the shrinking numbers of
Pirates since the 1800s"

"James Taylor" <(E-Mail Removed)> wrote in message
news:1hiundx.1tahe4v1gy8g3iN%(E-Mail Removed). co.uk.invalid...
>I know *nothing* of Windows. I am a Linux, Mac, and RISC OS hacker but
> have avoided Windows all my life. However, I find myself in the position
> of reinstalling Windows XP on a friend's laptop after reformatting to
> get rid of a suspected viral infection. I've heard that Windows XP
> service pack 2 can be infected within minutes of connecting to the
> Internet

No. SP2 fixed the lsass exploit and added many good security features.

Install XP SP2 then connect to internet. Download all the patches and you
are good to go.

Run good AV (bitdefender/kaspersky) and do weekly spyware scans (AdAware +
Spysweeper/Spyware Doctor).
Install Mike Lin's excellent Startup Control Panel and get to know XP's
processes.

Now don't be clueless!!

If you must access crakz/warez/porn sites use latest Firefox with java and
javascript turned OFF - also use NoScript plugin.

Best of all is to be behind a hardware router...

No protection is available again foolish behaviour yet however. ;-)

Guy