In addition to the services of third parties such as Spybot, installed anti-virus and firewall programs,
there are some changes you do with Windows 2000/XP. Here are some details to make your system more secure from hackers and hijackers.Some of these tips require editing the registry so it is recommended that you back or recording and / or create a restore point.
- 1st:- Clear the paging file at shutdown
Swap file in Windows 2000/XP (sometimes called the swap file) may contain confidential information such as passwords in clear text. Anyone can use the system to access the file and look for information to browse. You can force Windows to delete this file.
Registration is HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSession Manager Memory Management and add or edit the DWORD ClearPageFileAtShutdown. Set this value to 1.
Note that if you do this, the system takes much longer to close: can a system with a large paging file may take a minute or two (or more gig!). <!–more–>
- 2nd:- Disable the POSIX and OS / 2
Windows 2000 and XP have little data on the sub-systems, compatibility with UNIX and OS / 2 systems rues These systems can be activated by default, but is rarely used in order to make the best of all, to prevent the abduction of the service.
To disable these subsystems, you open the registry and go to HKEY LOCAL Manager subsystem MACHINESYSTEMCurrentControlSetControlSession. Delete the subkey OS2 and POSIX. then reboot.
- 3rd:- Leave the password blank by default.
During installation, Windows 2000, create an administrator account with full access to the system, and a password. You know one thing: By default, allows the password blank. If a user wants to enter a password, you can click Next and the system is an open door to be accessible to everyone. Always set the password of some sort on the default access to a machine to decide.
- 4th:- Disable the guest account
Windows XP comes with a guest account that is used for a limited access, but still able to do any damage. Completely off when not in use. In the Control Panel, select User Accounts, click Guest Account and then select Disable the guest account.
- 5th:- Install Windows to a different directory.
Windows is usually installed in the Windows directory. Windows NT 4 0 and 2000 will opt for WINNT. Many worms and other malicious programs assume that this is the case, and groped to capitalize on those folders. To defeat this installation of Windows in another directory when you create – you can specify the directory name during installation. WINDIR is in order, so that some people use WNDWS – some programs (not many) are not properly installed when you install Windows in another folder, but hey t are few and far between
- 6th:- Attackers trick the administrator account with a fictitious
As the default account in Windows 2000 was appointed as a director, an enterprising hacker can get into the system, tentatively try to guess the password of the account. He has never taken the trouble to set a password for this account, say your prayers.
Rather than a fool for a hacker to set a password for the Administrator account, which he did. Then rename the Administrator account. You can continue the account with your new name, because Windows user accounts identified by an identification number of the substance and not the name. Finally, you create a new account named Administrator and disable it. This should compensate for any possible theft.
You can add new accounts and change account names that exist in Windows 2000 users and groups in local right-click My Computer, select Administrator, open the Local Users and Groups subtree, look in the Users folder and right to a Click the name to rename it. To add a new user, click the folder that contains, and select New User. Finally, to disable an account, double click, check the account is disabled, and then click OK.
Do not delete the original account administrator. Some programs refuse, without installation, and the access to this account at any time need to install the software. The original Administrator account is a security identifier, which remains in the system should be configured.
- 7th:- Configure the hosts file to prevent the abduction of the name is read only.
This is one of (and to some extent, a) the expert. The HOSTS file is a text file that all versions of Windows for the keeping of certain network addresses that change never used. If a network name and address in the HOSTS file, the computer uses the address there trying to pass the name of the network instead (which may take some time) stock exchanges. Experts edit this file to the most frequently visited sites increases on them to put things quicker.
Unfortunately the kidnappers and hackers also like some information about it – redirect people to their favorite sites in locations that do not go. One of the most common entries in the host is the local machine, which is 1770.0.1. This refers to the local machine and when the part is damaged, can behave very unpredictably your computer.
To prevent the computer has been hijacked, read-only setting. Vai to% SystemRoot% system32driversetc, click on host, choose Properties, and select the Read Only check box, and click OK. To add your own entries to the hosts, you can check before you do that, but remember always that the provisions only read after you’re done.
- 8th:- Disable unnecessary services
Windows 2000 and XP have many services in the background is not necessary that handles most of the times: the alarm, the Messenger, the server (if you run a standalone machine, not file and printer sharing), use NetMeeting Remote Desktop Sharing The Remote Desktop Help Session Manager (the latter two, if you use Remote Desktop or NetMeeting), Remote Registry, Routing and Remote Access (if not with the remote access), SSDP Discovery Service, Telnet, and plug Universal Host and Play.
A good tool and instructions on which these services can be disabled by clicking on / http://www.blkviper.com/WinXP/
A good tool and instructions on which these services can be disabled by clicking on / http://www.blkviper.com/WinXP/
- 9th:- Avoid making changes to the settings of IE IE
This is another point against the hijackers. IE can be configured so that any change in its configuration via the Internet icon in Control Panel, instead of being done by the IE interface itself needs. Some programs, especially Web sites, or the unscrupulous attempt to tamper with an adjustment for access to the tools, the options menu in IE. You can do this and there are changes to the settings on the Control Panel, IE
Open Software Policies Microsoft Internet Registry Editor and navigate to HKEY_CURRENT_USER ExplorerRestrictions. Create a new DWORD value or change of name and put NoBrowserUptions to 1 (this is a user environment). Some third-party programs such as Spybot Search and Destroy can change this setting.
IE can also be other programs have changed the name of your default home page, is another form of abduction is especially bothersome. Vai in user software policies ExploreControl Microsoft Internet Group HKEY.CURRENT add or modify a DWORD value and set, at home and at 1.
- 10th:- Simple File Sharing setting.
In Windows XP Professional, the easy way to transfer files easily exploited to share and that ? a bit “too easy to share files over a local network (or network in general). To disable vai m Computer, click Tools, Folder Options and the View tab clear and use simple file sharing (Recommended). Click OK. In this way, the settings in the Properties window access to all folders can set permissions for folders and take possession of the objects (but not XP Home)
0 comments:
Post a Comment