RE: Security for Win XP Home

• Previous message: NDG: "RE: Security for Win XP Home"
• Maybe in reply to: Anderson, Kelly: "Security for Win XP Home"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "'Anderson, Kelly'" <kjanders@umich.edu>, focus-ms@securityfocus.com
Date: Wed, 10 Sep 2003 15:48:03 -0400

Hi Kelly-

Frankly, worrying too much about Safe Mode and local policies for a single
home user seems like overkill. The structure of WinXP Home is not really
designed for domain networking, or the typical Windows network architecture,
thus the lack of Local Users and Groups, etc. Having dealt with security for
remote users for a long time now, this is a familiar problem usually solved
in a few steps:

1. Good, current A/V
2. Host-based firewall of SOME sort
3. Updates/patches

Is the user running an Internet-available services such as FTP, IIS, etc? I
don't know that those are even options with XP Home.

A good 'newbie-friendly' resource from M$ is available here:
http://www.microsoft.com/security/protect/default.asp

This spells out a few simple steps with screenshots, etc for people to
follow in securing home machines. It talks about setting up the native ICF
on XP, too, which is a pretty simple option for basic users.

HTH,
Dave
Dave Shackleford
--------------------------------------------------
Technical Lead - NCCDPHP/OIIRM
(770)488-5816
znz1@cdc.gov

-----Original Message-----
From: Anderson, Kelly [mailto:kjanders@umich.edu]
Sent: Wednesday, September 10, 2003 10:02 AM
To: focus-ms@securityfocus.com
Subject: Security for Win XP Home

Hello. I'm trying to advise a friend about how to better secure his WinXP
Home machine, and have not found anything that explains how this can be
done. This is a home machine, on an always-on cable modem, with very
un-savvy users.

All the books on XP Home I've found are pretty dumbed-down. And most of the
articles I've found discuss XP Pro and include a "blurb" about such-and-such
not being available in XP Home. Thus far, I've discovered that the Local
Users and Groups is not available, and that all connections authenticate as
"guest". This is uncomfortable for someone who deals with domain security.

For instance, it seems that to get administrator access, one must boot to
safe mode? And what about local security policies? I'm very familiar with
locking down an XP Pro machine, both inside and outside Active Directory
domains, but can't seem to understand what's up with Home. Anyone have any
advice?

-Kelly

***********************************************
Kelly J. Anderson, MCSE
Windows 2000 Infrastructure
University of Michigan
http://www.umich.edu/~lannos/win2000
***********************************************
 

---------------------------------------------------------------------------
KaVaDo provides the first and only integrated Web application scanner and
firewall security suite that prevent Web applications attacks, the most
common form of online exploitation. Download a FREE whitepaper on Security
Policy Automation for Web Applications.
http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
---------------------------------------------------------------------------

---------------------------------------------------------------------------
KaVaDo provides the first and only integrated Web application scanner and
firewall security suite that prevent Web applications attacks, the most
common form of online exploitation. Download a FREE whitepaper on Security Policy Automation for Web Applications.
http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
---------------------------------------------------------------------------

• Previous message: NDG: "RE: Security for Win XP Home"
• Maybe in reply to: Anderson, Kelly: "Security for Win XP Home"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]