RE: Security for Win XP Home

From: NDG (nom.de.guerre_at_bonbon.net)
Date: 09/11/03

  • Next message: Shackleford, Dave: "RE: Security for Win XP Home"
    To: <focus-ms@securityfocus.com>
    Date: Thu, 11 Sep 2003 15:27:26 -0500
    
    

    <unlurk>
    While I am not exactly the strongest advocate of Microsoft,
    I take issue with the statement that XP Home is 'worthless' for the unsavvy
    user.
    Rather, it is designed for the unsavvy user, with one feature which is
    actually perfectly appropriate.
    The Internet Connection Firewall is in a small way a very good thing.
    Any system which enables stateful inspection IP filtering limited to common
    client protocols with a single checkbox ain't all bad. Better would be to
    ship it enabled.
    (I understand they are thinking of doing that.)
    Searching Help for ICF will tell you how.
    Passwords are always a good thing too ;)

    That said, XP Home should *never* be considered for any really secure use -
    any more than a Ford Focus should be considered for heavy hauling.

    BTW - Red Hat 9.0 (my other laptop OS) sets up iptables in a very similar
    manner by default at installation.

    Cheers

    d

    -----Original Message-----
    From: Kamal Habayeb [mailto:k.habayeb@cox.net]
    Sent: Wednesday, September 10, 2003 4:19 PM
    To: Anderson, Kelly
    Cc: focus-ms@securityfocus.com
    Subject: Re: Security for Win XP Home

    Anderson, Kelly wrote:

    | Hello. I'm trying to advise a friend about how to better secure his
    | WinXP Home machine, and have not found anything that explains how this
    | can be done. This is a home machine, on an always-on cable modem,
    | with very un-savvy users.
    |
    | All the books on XP Home I've found are pretty dumbed-down. And most
    | of the articles I've found discuss XP Pro and include a "blurb" about
    | such-and-such not being available in XP Home. Thus far, I've
    | discovered that the Local Users and Groups is not available, and that
    | all connections authenticate as "guest". This is uncomfortable for
    | someone who deals with domain security.
    |
    | For instance, it seems that to get administrator access, one must boot
    | to safe mode? And what about local security policies? I'm very
    | familiar with locking down an XP Pro machine, both inside and outside
    | Active Directory domains, but can't seem to understand what's up with
    | Home. Anyone have any advice?

    In my opinion WinXP home is worthless, but if you must use it then you can't
    beat setting up a hardware firewall. This will handle most of the problems.
    If this can't be done, then a software firewall is the next best thing.
    Also, make sure that all the accounts have passwords. It should have a
    users option under the control panel where you can set account passwords and
    make the accounts private. You should also be able to disable the guest
    account. For someone used to domain security, WinXP home is like driving a
    car from the 1960's.
