Set a strong password
Certainly, since the release of Windows XP, two other versions of the OS have emerged. However, Windows XP remains the most used to date (60%), particularly in business. However, measures of protection of common sense are often still neglected. They prove yet easy to implement, and most do not require technical expertise.
A new installation of Windows XP does not include password. It is therefore necessary to place a. Even if a password is not in itself a sufficient security, it is nevertheless an indispensable element on an XP account.
Therefore define a password, strong preference, thus including at least 10 characters (combining lowercase, uppercase, special characters and numbers). This is done from the "Control Panel" menu "user accounts". It is possible to specify a word or phrase meant to help you remember your password. This is however not recommended for safety.
You can also make private files associated with the account. Thus, only a user with administrator rights can access it. A further meeting with rights standards, can not see or edit these files.
Use an administrator account only when necessary
The administrator accounts hold the keys to the house in some ways. The mistakes made during a session with administrator rights can therefore have negative effects, for example browsing the Internet and being the target of spyware, which then benefit from full access to the system.
To reduce exposure to such risks, the daily use in Windows XP must be done with a standard account. Do not ask the administrator account when you need to install software or perform administrative tasks.
Apply the updates regularly, or in automatic mode
In Windows, the patches are released monthly, at the Patch Tuesday. Their installation is recommended. For an average user, the easiest way is usually to apply the automatic Windows Update from the "Security Center" of Windows XP.
However, it is quite possible to define a scenario that end, including specifying a frequency of installation of updates (daily, every Monday, etc..) And one hour.
Parameters used to configure other modes such as to automatically download updates, but require a manual installation. This mode lets you control the list of available patches and possibly select only some.
Install anti-spyware and / or antivirus
Unlike Vista, Windows XP does not default anti-spyware (formerly Windows Defender.) Installation on the position of a similar tool is recommended. Of multiple software, including free ones, are downloadable from the Internet (but not always with a real time shield).
Regular updates are released for these tools (sometimes daily, as for antivirus). Preferably, automate the installation of updates to the signature database for greater efficiency of detection.
It is also possible to opt for an antivirus or security suite. But unlike a simple spyware, these applications are generally more resource intensive (but more functionally complete).
Use a third-party firewall
While Windows XP SP2 has integrated the OS firewall, however it has some limitations. Outgoing traffic is not monitored, for example by the tool. Third-party software is better, without necessarily having to turn off the firewall in Windows XP natively.
A firewall on the desktop does not prohibit, on the contrary, it is even recommended in a company, set up a hardware firewall to control traffic on the network. A multi-level protection at a cost of course - but an attack or a virus also.
Disable the guest account
By default, any new post Windows XP includes a guest account. It provides access to a limited system. This account thus represents a security hole of the workstation. Make sure when you make it inactive.
The easiest way to do that is yet to visit the "Control Panel" menu and then User Accounts. Another option: right-click on the icon "My Computer", select the "manage", then "users" screen "Computer Management". If the guest account is disabled, it will be marked with a red cross.
Disable unnecessary services
By default, many Windows services are active. Yet many of these services are not useful to the user and can also represent security vulnerabilities. To reduce the attack surface, it is recommended to disable the services Windows useless.
Beware, some services such as CPP, the plug-and-play, the DNS client, DHCP should in principle never be disabled.
Quantify whenever possible
A username and password are a good start to begin to protect files and directories. However, if a machine - especially a laptop - is stolen, it is easy to break this barrier and access to data. The safest way to prohibit the reading of files is to encrypt (or even encrypt entire hard disk or partition).
Windows XP provides native to encrypt files and folders. To do this, simply right-click on the directory containing the files to encrypt. In the menu that appears, select "properties", then the tab "advanced attributes" and finally select "Encrypt contents to secure data. "
This feature is quite minimalist, the use of a dedicated software like TrueCrypt is preferable, but reserving to users.
Edit Browser
By default, Windows XP shipped Internet Explorer 6. Not really a reference, therefore safety. If XP is still a place in business, this is not the same with this version of the browser.
If you want to keep Microsoft's browser, migrate towards a minimum version 7 of Internet Explorer (and possibly the 8th, more secure). Besides tabbed browsing, phishing filter introduced IE7 and DEP (Data Execution Prevention).
IE is the browser most attacked, it may be preferable, when possible (compatibility with the internal web applications) for an alternative software like Firefox, Chrome or Opera.
Rename the administrator account
The default installation includes an account named "Administrator". As its name suggests, it has full rights on the system. To complicate the task of a potential attacker (he will find the account name and password, and not just the password), it is best to rename this account.
As for disabling the guest account, this task is carried out on screen "Computer Management" in the "Local Users and Groups" and the folder "users". Right-clicking on the account opens a popup menu. Select "Rename".
You can also keep an account named Administrator and make a decoy by assigning only limited rights.
Did you like this resource? Share it with your friends and show your love!
|
No responses found. Be the first to respond...
|