Re: Security for Win XP Home

From: Birl (sbirl_at_temple.edu)
Date: 09/10/03

  • Next message: Ansgar Wiechers: "Re: Disabling sharing and group policies"
    Date: Wed, 10 Sep 2003 17:05:27 -0400 (EDT)
    To: focus-ms@securityfocus.com
    
    

    As it was written on Sep 10, thus Anderson, Kelly typed:

    Kelly: Return-Path:
    Kelly: <focus-ms-return-6043-sbirl=temple.edu@securityfocus.com>
    Kelly: Date: Wed, 10 Sep 2003 10:01:41 -0400
    Kelly: From: "Anderson, Kelly" <kjanders@umich.edu>
    Kelly: To: focus-ms@securityfocus.com
    Kelly: Subject: Security for Win XP Home
    Kelly:
    Kelly: Hello. I'm trying to advise a friend about how to better secure his
    Kelly: WinXP Home machine, and have not found anything that explains how this
    Kelly: can be done. This is a home machine, on an always-on cable modem, with
    Kelly: very un-savvy users.
    Kelly:
    Kelly: All the books on XP Home I've found are pretty dumbed-down. And most of
    Kelly: the articles I've found discuss XP Pro and include a "blurb" about
    Kelly: such-and-such not being available in XP Home. Thus far, I've discovered
    Kelly: that the Local Users and Groups is not available, and that all
    Kelly: connections authenticate as "guest". This is uncomfortable for someone
    Kelly: who deals with domain security.
    Kelly:
    Kelly: For instance, it seems that to get administrator access, one must boot
    Kelly: to safe mode? And what about local security policies? I'm very
    Kelly: familiar with locking down an XP Pro machine, both inside and outside
    Kelly: Active Directory domains, but can't seem to understand what's up with
    Kelly: Home. Anyone have any advice?
    Kelly:
    Kelly: -Kelly

    I have an input file for SecEdit.exe that you can use.
    http://concept.temple.edu/sysadmin/installers/NT-2000-XP/Bastion/Manditory.ini

    It's a rough file .... I removed all of the comments.

    I have a LONGER version, hidden in that same directory, which goes into
    detail with comments and more options. email me separately if
    interested.

    Thanks

     Scott Birl http://concept.temple.edu/sysadmin/
     Senior Systems Administrator Computer Services Temple University
    ====*====*====*====*====*====*====*====+====*====*====*====*====*====*====*====*

    ---------------------------------------------------------------------------
    KaVaDo provides the first and only integrated Web application scanner and
    firewall security suite that prevent Web applications attacks, the most
    common form of online exploitation. Download a FREE whitepaper on Security Policy Automation for Web Applications.
    http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
    ---------------------------------------------------------------------------


  • Next message: Ansgar Wiechers: "Re: Disabling sharing and group policies"