Re: Security for Win XP Home

From: Birl (sbirl_at_temple.edu)
Date: 09/10/03

  • Next message: Ansgar Wiechers: "Re: Disabling sharing and group policies"
    Date: Wed, 10 Sep 2003 17:05:27 -0400 (EDT)
    To: focus-ms@securityfocus.com
    
    

    As it was written on Sep 10, thus Anderson, Kelly typed:

    Kelly: Return-Path:
    Kelly: <focus-ms-return-6043-sbirl=temple.edu@securityfocus.com>
    Kelly: Date: Wed, 10 Sep 2003 10:01:41 -0400
    Kelly: From: "Anderson, Kelly" <kjanders@umich.edu>
    Kelly: To: focus-ms@securityfocus.com
    Kelly: Subject: Security for Win XP Home
    Kelly:
    Kelly: Hello. I'm trying to advise a friend about how to better secure his
    Kelly: WinXP Home machine, and have not found anything that explains how this
    Kelly: can be done. This is a home machine, on an always-on cable modem, with
    Kelly: very un-savvy users.
    Kelly:
    Kelly: All the books on XP Home I've found are pretty dumbed-down. And most of
    Kelly: the articles I've found discuss XP Pro and include a "blurb" about
    Kelly: such-and-such not being available in XP Home. Thus far, I've discovered
    Kelly: that the Local Users and Groups is not available, and that all
    Kelly: connections authenticate as "guest". This is uncomfortable for someone
    Kelly: who deals with domain security.
    Kelly:
    Kelly: For instance, it seems that to get administrator access, one must boot
    Kelly: to safe mode? And what about local security policies? I'm very
    Kelly: familiar with locking down an XP Pro machine, both inside and outside
    Kelly: Active Directory domains, but can't seem to understand what's up with
    Kelly: Home. Anyone have any advice?
    Kelly:
    Kelly: -Kelly

    I have an input file for SecEdit.exe that you can use.
    http://concept.temple.edu/sysadmin/installers/NT-2000-XP/Bastion/Manditory.ini

    It's a rough file .... I removed all of the comments.

    I have a LONGER version, hidden in that same directory, which goes into
    detail with comments and more options. email me separately if
    interested.

    Thanks

     Scott Birl http://concept.temple.edu/sysadmin/
     Senior Systems Administrator Computer Services Temple University
    ====*====*====*====*====*====*====*====+====*====*====*====*====*====*====*====*

    ---------------------------------------------------------------------------
    KaVaDo provides the first and only integrated Web application scanner and
    firewall security suite that prevent Web applications attacks, the most
    common form of online exploitation. Download a FREE whitepaper on Security Policy Automation for Web Applications.
    http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
    ---------------------------------------------------------------------------


  • Next message: Ansgar Wiechers: "Re: Disabling sharing and group policies"

    Relevant Pages

    • Security for Win XP Home
      ... WinXP Home machine, and have not found anything that explains how this ... And what about local security policies? ... Active Directory domains, but can't seem to understand what's up with ... Download a FREE whitepaper on Security Policy Automation for Web Applications. ...
      (Focus-Microsoft)
    • RE: Security for Win XP Home
      ... Security for Win XP Home ... >WinXP Home machine, and have not found anything that explains how this ... Simple explanation on how to set this up here: ... Download a FREE whitepaper on Security Policy Automation for Web Applications. ...
      (Focus-Microsoft)
    • RE: Security for Win XP Home
      ... The structure of WinXP Home is not really ... Security for Win XP Home ... Home machine, and have not found anything that explains how this can be ... Policy Automation for Web Applications. ...
      (Focus-Microsoft)
    • Re: testing laptop based on bsd anyone
      ... "A new linux distribution for Wardrivers" ... I wasn't speaking about the relative strengths of security measures within ... As attacks through web applications continue to rise, ... vulnerability management needs. ...
      (Pen-Test)
    • Re: testing laptop based on bsd anyone
      ... Hopefully it will point at some nice BSD ... I wasn't speaking about the relative strengths of security measures within ... As attacks through web applications continue to rise, ... vulnerability management needs. ...
      (Pen-Test)