7 security issues brought by Win XP system default settings

As computers become more and more in the lives and work of ordinary users, problems that only professionals can encounter, such as configuring small (home) networks, are now common to ordinary users. The Windows family of operating systems has always been known for its ease of use, trying to make complex tasks a simple operation. But sometimes, ease of use and security are conflicting. At the same time, because of the widespread use of the network, each Internet-connected PC is actually an Internet node, so security is a concern that every user must pay attention to. XP is the latest version of Windows and certainly the easiest to use operating system; on the other hand, many of the default settings used to improve ease of use pose a security risk.

a simple file sharing

in order to allow users on the network just a few clicks of the mouse can file sharing, XP added a feature called "Simple File Sharing", But it also opened up many NetBIOS vulnerabilities. To turn off the simple file sharing function, open "My Computer", select the menu "Tools" → "Folder Options", click "View", and cancel "Use Simple File Sharing (Recommended)" in "Advanced Settings".

two, FAT32

who buy a new machine, many hard drives are formatted as FAT32. To improve security, you can convert the FAT32 file system to NTFS. NTFS allows for more comprehensive and fine-grained control over the permissions of files and folders. It can also use Encrypting File System (EFS) to ensure that data is not stolen from the file partition level. You can view the current file system of the drive by right-clicking on the drive in "My Computer" and selecting "Properties". If you want to convert the file system to NTFS, first backup the important files, select the menu "Start" → "Run", enter cmd, click "OK". Then, in the command line window, execute convert x: /fs:ntfs (where x is the drive letter of the drive).

three, Guest account

Guest account so-called guest account, it can access the computer, but limited. Unfortunately, Guest has also opened the door for hacking. If you do not need to use the Guest account, it is best to disable it. In Win XP Pro, open "Control Panel" → "Administrative Tools" and click "Computer Management". In the list on the left, find "Local Users and Groups" and click on "Users". In the right pane, double-click the Guest account and select "Account is disabled." WinXP Home does not allow you to disable the Guest account, but allows you to set a password for the Guest account: first execute the Net user guest password command in the command line environment, then go to the Control Panel, User Settings, and set the password for the Guest account.

Fourth, one of the Administrator account

common means of hacking is trying to get Administrator account password. At least one account per computer must have Administrator privileges, but not necessarily the name "Administrator". So, whether in XP Home or Pro, it's best to create another account with full privileges and then deactivate the Administrator account. Also, in WinXP Home, modify the default owner account name. Finally, don't forget to set a sufficiently complex password for all your accounts.

V. swap file

Even if you completely normal operation, Windows will leak important confidential data (including passwords). Maybe you will never think of looking at these leaked confidential documents, but hackers will definitely. The first thing you need to do is to ask the machine to clear the system's page file (swap file) when it is shut down. Click on the Windows Start menu, select Run, and execute Regedit. Locate HKEY_local_machine\\system\\currentcontrolset\\control\\sessionmanager\\memory management in the registry, then create or modify ClearPageFileAtShutdown and set the DWORD value to 1.

Sixth, the dump file

system in the face of serious problems, will save the data in memory to the dump file. The role of the dump file is to help people analyze the problems encountered by the system, but it is not useful to the average user; on the other hand, like swap files, the dump file may leak a lot of sensitive data. The procedure for prohibiting Windows from creating a dump file is as follows: Open "Control Panel" → "System", find "Advanced", and then click the "Settings" button under "Startup and Recovery" to write the "Write Debugging Information" column. Set to "(None)". Similar to dump files, Dr. Watson also saves debugging information when an application error occurs. The procedure to disable Dr. Watson is to find HKEY_local_machine\\software\\Microsoft\\WindowsNT\\CurrentVersion\\AeDebug in the registry and change the Auto value to "0". Then open Documents and Settings\\All Users\\Shared Documents\\DrWatson in Windows Explorer and delete the two files User.dmp and Drwtsn32.log.

seven

extra service for the convenience of users, WinXP default start to not have to use a lot of services, but also opened the back door to invade the system. If you don't need these services, it's best to turn them off: NetMeeting Remote Desktop Sharing, Remote Desktop Help Session Manager, Remote Registry, Routing and Remote Access, SSDP Discovery Service, telnet, Universal Plug and Play Device Host. Open "Control Panel" → "Administrative Tools" → "Services" to see the description and running status of these services. To close a service, simply right-click on the service name and select the "Properties" menu. In the "General" tab, change the "Startup Type" to "Manual" and click the "Stop" button.