With the popularity of Windows XP on personal computers, more and more people are beginning to work with Windows XP, even though Windows XP has superior stability and reliable security. However, the vulnerabilities discovered one after another have made Windows XP already threatened with attacks. This article will improve the security of Windows XP operating system, further improve the security of users using Windows XP operating system, as well as some things that should be paid attention to during normal maintenance, I hope to be helpful to the majority of Windows XP users. 1. Install Security Policy (1) Do not choose to install from the network Although Microsoft supports online installation, it is absolutely not safe. Do not connect to the network, especially the Internet, until the system is fully installed. Don't even connect all the hardware to install it. Because Windows XP is installed, after entering the password of the user administrator account "Administrator", the system will create a shared account of "ADMIN", but it does not protect it with the password just entered, this situation will continue until the computer Start again. In the meantime, anyone can enter the system through "ADMIN"; at the same time, after the installation is completed, various services will run automatically at the same time, and the server is full of loopholes, which is very easy to invade from the outside. (2) To choose NTFS format for partitioning It is best to have all partitions in NTFS format, because NTFS format partitions are more secure in terms of security. Even if other partitions use other formats (such as FAT32), at least the partition where the system is located should be in NTFS format. In addition, the application should not be placed in the same partition as the system, so as to prevent the attacker from exploiting the vulnerability of the application (such as Microsoft's IIS vulnerability), causing system file leakage, and even allowing the intruder to obtain administrator rights remotely. (3) Choice of the version of the system version: Windows XP is available in various languages. For us, you can choose English or Simplified Chinese. I strongly recommend: if the language does not become an obstacle, please use it. English version. You know, Microsoft's products are known as Bug & Patch, the Chinese version of the Bug is far more than the English version, and the patch will generally be at least half a month later (that is, the general Microsoft released the vulnerability after your machine There will be half a month in an unprotected condition). (4) Component customization
Windows XP installs some common components by default, but it is this default installation is very dangerous, you should know exactly which services you need, and only install what you really need Service, according to security principles, minimum service + minimum authority = maximum security. (5) partition and logical disk allocation
It is recommended to establish more than two partitions, one system partition, more than one application partition, separate the system partition and the application partition to protect the application, in general, A virus or hacker exploits a vulnerability attack that corrupts the system partition without causing damage to the application partition. 2. Account Security Policy (1) User Security Settings Check the user account and stop the unwanted account. It is recommended to change the default account name. 1) Disable the Guest account to disable the Guest account in the computer-managed user. To be on the safe side, it is best to add a complex password to the Guest. 2) Restrict unnecessary users Remove all Duplicate User users, test users, shared users, and so on. User Group Policy sets the appropriate permissions, and often checks the users of the system to delete users who are no longer in use. 3) Create two administrator accounts to create a general privilege user to receive and handle some daily things, and another user with Administrator privileges to use only when needed. 4), the system administrator account renamed Windows XP Administrator user can not be disabled, which means that others can try this user's password over and over again. Try to disguise it as a normal user, such as Guesycludx. 5) Create a trap user Create a local user named "Administrator", set its permissions to the lowest, and do nothing, and add a super complex password of more than 10 digits. 6) Change the permissions of the shared file from the Everyone group to the authorized user. Do not set the user of the shared file to the "Everyone" group, including the print share. The default attribute is the "Everyone" group. 7), do not let the system display the last login user name Open the registry editor and find the registry key HKLMSoftwareMicrosoftWindowsTCurrentVersionWinlogonDont-DisplayLastUserName, change the key value to 1. 8), system account /share list Windows XP's default installation allows any user to get all account /share list of the system through the empty user, this is to facilitate LAN users to share files, but a remote user can also get your user list and Use brute force to crack user passwords. You can disable the 139 null connection by changing the registry Local_Machine\\System\\CurrentControlSet\\Control\\LSA-RestrictAnonymous = 1, or you can use the Windows XP local security policy (if the domain server is in the domain server security and domain security policy) There is such an option RestrictAnonymous (an additional limit for anonymous connections), this option has three values: 0: None. Rely on default permissions (none, depending on the default permissions) 0 This value is the system default, no restrictions, remote Users can know all the accounts, group information, shared directories, network transfer lists, etc. on your machine. This setting is very dangerous for the server. 1: Do not allow enumeration of SAM accounts and shares 1 This value allows only non-NULL users to access SAM account information and share information. 2: No Access without explicit anonymous permissions (no access is allowed without explicit anonymous permissions) 2 This value is only supported in win2000. If you don't want any sharing, set it to 2. It is generally recommended to set it to 1. (2) Password security settings 1) Use a secure password To pay attention to the complexity of the password, remember to change the password frequently. 2), open the password policy Note the application of the password policy, such as enabling password complexity requirements, set the minimum password length to 8 digits, set the mandatory password history to 5 times, the time is 42 days. 3. Application security policy (1) Install anti-virus software Anti-virus software can not only kill some famous viruses, but also kill a lot of Trojans and backdoors, so pay attention to frequently run programs and upgrade virus database. (2) Install the firewall Listen to the attack taken by the outside world and remind the user to take precautionary measures. (3) Install the system patch Go to the Microsoft website to download the latest patch: Frequent visits to Microsoft and some secure sites, download the latest service packs and vulnerability patches, is the only way to ensure the long-term security of the server. (4) Enable power protection function When using a computer to process files, the most worrying thing is that the computer suddenly loses power, because this sudden power failure will not only make your hard work results disappear instantly, but also seriously damage the computer. . In order to prevent accidental power failure under various conditions and to ensure the safe and normal operation of the computer, we should enable the function of asking or directly sleeping when the power button is pressed in the power management. If you want to enable the power protection function, you can use the mouse to click "Start" /"Control Panel" /"Performance and Maintenance" /"Power Options" on the Windows XP desktop, select "Advanced" in the pop-up settings box. "Label, under the corresponding tab page, find the "When the computer power button is pressed" setting item, then select the "Hibernate" or "Ask me what to do" option in the settings box, if you select the "Shutdown" option, it is quite The power protection feature is not enabled. (5) Using the screen saver program When you see the word “screen saver”, you will naturally think of the screen saver in the computer. It mainly uses the different methods to display the specified picture in turn to achieve the purpose of screen protection. However, the system will only start the screen saver after the computer has not been operated for a preset time. What if you want to start the screen saver within any specified time? We can follow the following steps: In the Windows XP Start menu, click Start /Search /File or Folder, and then in the search dialog that pops up, click the "All files and folders" type and the corresponding file name. In the text box, enter the "*.scr" character, and in the search range drop-down list, select "Native Disk (C:)" or the drive where the system files are stored on your computer, and finally click the "Search" button. Then in the list of screen savers found, select the desired screen saver and create a shortcut to the screen saver on your desktop. To start the screen saver program, double-click the screen saver shortcut on the desktop with the mouse. If necessary, you can also add a password to the “screen saver”. In this case, you need to re-enter the user name and password to restore the computer resources more securely. (6) Stop unnecessary services It is not a good thing to open too many services. Turn off unnecessary services! The more service components are installed, the more service features users can enjoy. However, the service components that users usually use are limited, and those components that are rarely used take up a lot of system resources, which will cause system instability, and provide multiple ways for hackers to remotely invade. To this end, we should try to shield those service components that are not needed. The specific operation method is as follows: First, find "Administrative Tools" /"Services" in the Control Panel, and then open the "Services" dialog box, select the program to be masked in the dialog box, and click the right mouse button to pop up Select the "Properties" /"Stop" command in the shortcut menu, and set the "Startup Type" to "Manual" or "Disabled", so that the specified service components can be blocked. 4. Network Security Policy (1) Turn off unnecessary ports Turning off the port means reducing functionality, and you need to make some decisions on security and features. If the server is installed behind a firewall, the risk will be less. But never think that you can sit back and relax. Use a port scanner to scan the open ports of the system to determine which services the system is open may cause hackers. A comparison table of well-known ports and services is available in the \\system32\\drivers\\etc\\services file in the system directory for reference. Here's how: Open "Network Neighborhood /Properties /Local Area Connection /Properties /Internet Protocol (TCP /IP) /Properties /Advanced /Options /TCP /IP Filter /Properties" Open "TCP /IP Filter", add the required TCP, The UDP protocol can be used. (2) Setting the access rights of the security record The security record is unprotected by default. Set it to only Administrators and system accounts to access. (3) Using the e-mail system in the web format Do not use the client mail system such as Outlook and Fox mail to accept e-mails. Some of the current e-mails are very harmful. Once implanted in the machine, it may cause system paralysis. At the same time, don't look at the attachments in strangers' emails, which often carry viruses and Trojans.