Re: Windows xp security



ArtDent wrote:
On 1-Mar-2006, "Nowhere" <Nowhere@xxxxxxxxxxxxxxx> wrote:


I'm looking for simple and advanced Win xp security tips, on and off
line.
Maximum protection possible. Not links, but concise, sensible and
reliable
security tips from good users. Thank you.


Use a router unless you are on dial-up.
Use an _up-to-date_ anti/virus program.
Use an _up-to-date_ anti/spyware program or two or three.
Use a software firewall.
Use common sense when browsing and opening emails.
Use alternate programs for browsing and email and newsgroups. (no IE or
Outlook or OE)
Turn 'sharing' off.
These should keep _most_ of the 'nasties' at bay.
HTH
HAND

Heh don't forget to hide those machines inbound below port 1024 from the Internet unless you really have a good reason to expose server services. If you have a requirement, ensure the exposure is limited to the least amount of IP's required. This is extremely important on winX machines but also applies to NIX environs as well. A stateful firewall will automatically block those services however limiting port exposures to only what is required is your best safety.

A good stateful hardware firewall is useful and are almost cheap these days. Several can be used as a router/hub and they are useful for locking down a wireless node in its own DMZ and reduce exposure of the local subnet. I have had a few folks attempt to attack my local home network over an exposed wireless NIC. Just can't trust anyone these days. Also ensure that the firewall is software upgradable. I have had to upgrade my CISCO a few times over the years.

If you use winX or NIX system ensure only the services you require are running. MS has many services running that are not required by most people (I still wonder why MS thinks most home users need a message of the day service running for example). NIX systems can also inadvertantly open services with some packages if you are not careful.

Know what services are required for your use and check occasionally to ensure that the latest patch or some stray software package has not turned something on that is not needed. I have had MS turn unneeded services back on after I patched even though the services were manually disabled. It is nice to have that hardware firewall protect me from myself sometimes.

Winged
.



Relevant Pages

  • Re: Just venting (totally OT)
    ... the ame router to get access to the net! ... I'm paranoid about opening up my firewall "just in case..." ... not visiting dodgy Websites. ... The protection that it does supply is also provided by ...
    (uk.people.support.depression)
  • Re: Just venting (totally OT)
    ... how long it plays for because it's all been ripped on to hard disc ... the ame router to get access to the net! ... I'm paranoid about opening up my firewall "just in case..." ... The protection that it does supply is also provided by ...
    (uk.people.support.depression)
  • Re: What is broken:McAfeee firewall or my router ????? Urgent, ple
    ... your computer regardless of what McAfee firewall said. ... If your router is ... warned about those ports being available right away if you had any of those ...
    (microsoft.public.security)
  • Re: What is broken:McAfeee firewall or my router ????? Urgent, ple
    ... your computer regardless of what McAfee firewall said. ... If your router is ... warned about those ports being available right away if you had any of those ...
    (microsoft.public.security)
  • Re: Just venting (totally OT)
    ... long it plays for because it's all been ripped on to hard disc so it ... I'm paranoid about opening up my firewall "just in case..." ... having the protection of a router, not opening dodgy emails, and not ... The protection that it does supply is also provided by your router ...
    (uk.people.support.depression)