Re: Security for Win XP Home

From: Kamal Habayeb (k.habayeb_at_cox.net)
Date: 09/10/03

  • Next message: Birl: "Re: Security for Win XP Home"
    Date: Wed, 10 Sep 2003 14:18:33 -0700
    To: "Anderson, Kelly" <kjanders@umich.edu>
    
    

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Anderson, Kelly wrote:

    | Hello. I'm trying to advise a friend about how to better secure his
    | WinXP Home machine, and have not found anything that explains how this
    | can be done. This is a home machine, on an always-on cable modem, with
    | very un-savvy users.
    |
    | All the books on XP Home I've found are pretty dumbed-down. And most of
    | the articles I've found discuss XP Pro and include a "blurb" about
    | such-and-such not being available in XP Home. Thus far, I've discovered
    | that the Local Users and Groups is not available, and that all
    | connections authenticate as "guest". This is uncomfortable for someone
    | who deals with domain security.
    |
    | For instance, it seems that to get administrator access, one must boot
    | to safe mode? And what about local security policies? I'm very
    | familiar with locking down an XP Pro machine, both inside and outside
    | Active Directory domains, but can't seem to understand what's up with
    | Home. Anyone have any advice?

    In my opinion WinXP home is worthless, but if you must use it then you
    can't beat setting up a hardware firewall. This will handle most of the
    problems. If this can't be done, then a software firewall is the next
    best thing. Also, make sure that all the accounts have passwords. It
    should have a users option under the control panel where you can set
    account passwords and make the accounts private. You should also be
    able to disable the guest account. For someone used to domain security,
    WinXP home is like driving a car from the 1960's.
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.3 (MingW32)
    Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

    iD8DBQE/X5UoWz5e+owG3loRAkWyAJ9Pur3rpXsC+q1hTFqkd05mTmYSbwCfV3h/
    J9DEZ7r5EI4ggKWSw8pGJ3o=
    =KYKz
    -----END PGP SIGNATURE-----

    ---------------------------------------------------------------------------
    KaVaDo provides the first and only integrated Web application scanner and
    firewall security suite that prevent Web applications attacks, the most
    common form of online exploitation. Download a FREE whitepaper on Security Policy Automation for Web Applications.
    http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
    ---------------------------------------------------------------------------


  • Next message: Birl: "Re: Security for Win XP Home"