Sharing Windows XP to eliminate vulnerabilities and improve system security Four magic weapons

system account /share list Windows XP default installation allows any user to get all account /share list of the system through empty users, this is to facilitate LAN users to share files, but one Remote users can also get your list of users and use brute force to crack user passwords. You can disable the 139 null connection by changing the registry Local_Machine\\System\\CurrentControlSet\\Control\\LSA-RestrictAnonymous = 1, or you can use the Windows XP local security policy (if the domain server is in the domain server security and domain security policy) There is such an option RestrictAnonymous (an extra limit for anonymous connections).
(1) Select NTFS format to partition
It is best to have all partitions in NTFS format, because NTFS format partitions are more secure in terms of security. Even if other partitions use other formats (such as FAT32), at least the partition where the system is located should be in NTFS format. In addition, the application should not be placed in the same partition as the system, so as to prevent the attacker from exploiting the vulnerability of the application (such as Microsoft's IIS vulnerability), causing system file leakage, and even allowing the intruder to obtain administrator rights remotely.
(2) Optimizing component customization
Windows XP installs some common components by default, but it is this default installation is very dangerous, you should know exactly which services you need, and only install The services you really need, according to security principles, the least service + the minimum permissions = the greatest security.