XP system default configuration risk

The XP system default configuration must pay attention to

With the computer getting deeper and deeper into the ordinary users' lives, events, only the professional staff will touch the problem, for example, set up a small (family) collection, At this moment, ordinary users will often touch. The Windows series of operating systems are known for their ease of use, and strive to make the original great mission complete with simple manipulation. However, at some time, ease of use and peace of mind are bickering with each other; at the same time, because of the widespread use of collection, each Internet-connected PC is actually an Internet node, so that security is a problem that every user must keep. As the latest version of Windows, XP is the easiest operating system to implement; on the other hand, many of the default configurations that are recycled to improve ease of use pose a security risk.

First, simple file sharing

In order to allow users on the collection to achieve file sharing with just a few clicks of the mouse, XP intervenes in a kind called “simple file sharing”. The result, but at the same time also opened up a lot of NetBIOS cracks. The pace of blocking the simple file sharing results is: open "My Computer", select the menu "Devices" & rdquo; & rarquo; & ldquo; folder options & rdquo;, click & ldquo; check & rdquo;, in the "advanced configuration" Dismissal & ldquo; exercise simple file sharing (promotional) & rdquo;.

Second, FAT32

Often new to buy, many hard drives have been named FAT32. To improve the security, you can convert the FAT32 file system to NTFS. NTFS should control the permissions of files and folders in a more comprehensive and fine-grained manner, and then use the Encrypting File System (EFS) to ensure that data is not stolen from the file partition. On the "My Computer" top right click on the drive and select "Properties" to check the current file system of the drive. If you want to convert the file system to NTFS, first back up the important files, select the menu <; Start & rdquo; → & ldquo; Run & rdquo;, enter cmd, click & ldquo; OK & rdquo;. Then, in the call line window, execute convert x: /fs:ntfs (where x is the drive letter of the drive).

Third, Guest Account

Guest account is the so-called guest account, it can meet the computer, but is limited. Unfortunately, Guest also opened the door to hacking. If you do not need to use the Guest account, it is best to disable it. In Win XP Pro, open “ control panel”→“dosing equipment”, click “counter machine management”. In the list on the left, find “local users and groups” and click on “Users” in the right pane. In the right pane, double-click on the Guest account and select “Account is disabled”. WinXP Home should not disable the Guest account, but should configure the password for the Guest account: first execute the Net user guest passWord call in the call line scenario, then enter the “control panel”, “User Configuration”, configure the Guest account. Code.

IV. Administrator Account

One of the common hacking skills is to try to get the password of the Administrator account. At least one account for each computer must have Administrator privileges, but it is not necessary to use the name "Administrator". So, whether in XP Home or Pro, it's best to build another account with all permissions and then deactivate the Administrator account. Other, in WinXP Home, modify the default all account names. Finally, don't forget to configure enough great passwords for all your accounts.

V. Interchange Files

Even if your manipulation is completely normal, Windows will leak important confidential data (including passwords). Probably you will never think of looking at the files of these leaky machines, but the hackers will definitely. What you do mainly is to ask the dull to break the system's page file (interchange file) at the time of shutdown. Click on the Windows "Start” menu, select “Run”, execute Regedit. Locate HKEY_local_Machine\\system\\currentcontrolset\\control\\sessionmanager\\memory management in the registry, and then build or modify ClearPageFileAtShutdown to configure this DWORD value to 1.

VI. Dump files

When the system encounters a serious problem, it will take the data in memory to the dump file. Dumping of dump files is a help for people to explain the problems encountered by the system, but it is not effective for ordinary users; on the other hand, like swap files, dump files may leak a lot of sensitive data. The steps to extract the Windows build dump file are as follows: Open “ Control Panel & rdquo; → & ldquo; System & rdquo;, find & ldquo; Advanced & rdquo;, then click & ldquo; start and hinder the remediation & rdquo; below & ldquo; configuration & rdquo; button , "Write debug information" to this column is configured as "(None)". Same as the dump file, Dr. Watson will also debug the information during the application of the fall. The trick to disable Dr. Watson is to find HKEY_local_machine\\software\\Microsoft\\WindowsNT\\CurrentVersion\\AeDebug in the registry and change the Auto value to “0”. Then open Documents and Settings\\All Users\\Shared Documents\\DrWatson in the Windows Explorer and delete the two files User.dmp and Drwtsn32.log.

Seven, redundant things

In order to facilitate users, WinXP has started a lot of things that are not necessarily used, and also opened the back door of the intrusion system. If you don't want to do this, it's best to block them: NetMeeting Remote Desktop Sharing, Remote Desktop Help Session Manager, Remote Registry, Routing and Remote Access, SSDP Discovery Service, telnet, Universal Plug and Play Device Host. Open “ control panel & rdquo; & rarquo; & ldquo; management equipment & rdquo; & rarquo; & ldquo; service rdquo;, you can see the reputation and operation status of these things. To block a transaction, just right-click on the transaction name and select the “Properties” menu. In the “General” tab, change the “Startup Example” to “Manual” and click “&#&#&#&#&#&&&&&&&&&&&&&&&&&&&&&&&&&&& ; button. Tianjin Computer Repair