RE: Security for Win XP Home

From: NDG (nom.de.guerre_at_bonbon.net)
Date: 09/11/03

    To: <focus-ms@securityfocus.com>
    Date: Thu, 11 Sep 2003 15:27:26 -0500
    
    

    <unlurk>
    While I am not exactly the strongest advocate of Microsoft,
    I take issue with the statement that XP Home is 'worthless' for the unsavvy
    user.
    Rather, it is designed for the unsavvy user, with one feature which is
    actually perfectly appropriate.
    The Internet Connection Firewall is in a small way a very good thing.
    Any system which enables stateful inspection IP Filtering limited to common
    client protocols with a single checkbox ain't all bad. Better would be to
    ship it enabled.
    (I understand they are thinking of doing that.)
    Searching Help for ICF will tell you how.
    Passwords are always a good thing too ;)

    That said, XP Home should *never* be considered for any really secure use -
    any more than a Ford Focus should be considered for heavy hauling.

    BTW - Red Hat 9.0 (my other laptop OS) sets up iptables in a very similar
    manner by default at installation.

    Cheers

    d

    -----Original Message-----
    From: Kamal Habayeb [mailto:k.habayeb@cox.net]
    Sent: Wednesday, September 10, 2003 4:19 PM
    To: Anderson, Kelly
    Cc: focus-ms@securityfocus.com
    Subject: Re: Security for Win XP Home

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Anderson, Kelly wrote:

    | Hello. I'm trying to advise a friend about how to better secure his
    | WinXP Home machine, and have not found anything that explains how this
    | can be done. This is a home machine, on an always-on cable modem,
    | with very un-savvy users.
    |
    | All the books on XP Home I've found are pretty dumbed-down. And most
    | of the articles I've found discuss XP Pro and include a "blurb" about
    | such-and-such not being available in XP Home. Thus far, I've
    | discovered that the Local Users and Groups is not available, and that
    | all connections authenticate as "guest". This is uncomfortable for
    | someone who deals with domain security.
    |
    | For instance, it seems that to get administrator access, one must boot
    | to safe mode? And what about local security policies? I'm very
    | familiar with locking down an XP Pro machine, both inside and outside
    | Active Directory domains, but can't seem to understand what's up with
    | Home. Anyone have any advice?

    In my opinion WinXP home is worthless, but if you must use it then you can't
    beat setting up a hardware firewall. This will handle most of the problems.
    If this can't be done, then a software firewall is the next best thing.
    Also, make sure that all the accounts have passwords. It should have a
    users option under the control panel where you can set account passwords and
    make the accounts private. You should also be able to disable the guest
    account. For someone used to domain security, WinXP home is like driving a
    car from the 1960's.
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.3 (MingW32)
    Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

    iD8DBQE/X5UoWz5e+owG3loRAkWyAJ9Pur3rpXsC+q1hTFqkd05mTmYSbwCfV3h/
    J9DEZ7r5EI4ggKWSw8pGJ3o=
    =KYKz
    -----END PGP SIGNATURE-----


