Skip to main content

Protecting XP from intruders

Posted January 2003 by Steve Sinchak

There are several things one can do to protect against intruders. Of course the old adage applies here as well, 'locks keep honest people out'; in other words, if they want in, they will keep trying and eventually will be able to get in through some kind of exploit. The following are some tips that can greatly slow them down and make it nearly impossible for them to get in. If you use file sharing or remote connections, don't make the local policy changes.

  1. As it was mentioned before, set the Guest and Administrator account passwords. By default, the Guest account password is blank. Make it something difficult, such as a combination of letters and numbers, preferably not based on dictionary words. Control Panel\Administrative Tools\Computer Management\Local Users and Groups\ Highlight User Account, right-click, 'set password'.

  2. Remove/Delete any unused accounts, especially any 'remote assistance' accounts.

  3. Disable the Guest account since you can't delete it.

  4. Rename the Guest and Administrator accounts to unique names. Remove the description of these accounts (in local users and groups). Control Panel\Administrative Tools\Local Security Policy\Local Policies\Security Options Account: Rename Guest Account - Double click and rename the account Account: Rename Administrator Account

  5. If you do not need to connect to your computer from a remote machine, be sure to turn off this functionality. Control Panel\Administrative Tools\Local Security Policy\Local Policies\User rights Assessment\ "Access this computer from the network" - remove all users and groups. This should be blank "Deny access to this computer from the network" - this should include all users and groups. Double click on the policy, click Add User or group, click Advanced, click Find Now, highlight all the accounts and click OK.

  6. Turn off the Microsoft File sharing in Network Neighborhood if it is not going to be used.

  7. Under System Properties\Remote, Turn off Remote Desktop and Remote invitations.

  8. Run a software firewall program.

  9. Be sure to visit WindowsUpdate to get the latest hotfixes and security patches. There are a lot of them.

Related Posts

If you own a Google Chromecast streaming device, you can easily share a browser tab in Chrome browser or even your entire desktop.  This can be very useful when presenting from your laptop or if you just want to watch something on a big screen that is only on your PC.  The only requirement is you must be on the same network as your Chromecast...

Read More

If you are a fan of minimalist desktop experiences, hiding the desktop icons are an easy way to clean up the Windows interface.  Instead of saving everything to your desktop, use the default profile folders such as downloads and documents.  Actually hiding all the icons on your desktop is a very simple customization hidden in the right-click context menu.  Just right-click on the desktop, select View...

Read More

Google security researchers have published details about a major security flaw found in the SSL protocol that is used to encrypt data transferred between your browser and a web server. SSL is typically used in situations where logon credentials are validated...

Read More

Enabling two-factor authentication is a great way to add an additional level of protection to your Microsoft account.  Even if your password is stolen, your account is still protected because two-factor authetication requires an additional level of verification to log in. Microsoft calls their version of two-factor authentication "two-step verification" and it works by providing you with a random code...

Read More