Configure your Windows XP system securely with Seconfig XP

Martin Brinkmann
Jul 5, 2006
Updated • May 8, 2013
Security, Windows XP

What a great little freeware application. Seconfig is only 37K in size and can be right from the location that you decided to unpack it to. The freeware has three main features: Restrict Lan-like access, service settings and TCP/IP settings. You may use the program to disable Netbios, SMB and RPC over TCP/IP which are major entry points for worms and hackers.

The service settings let you disable services that may not be needed, and are often used to attack a system over a network or Internet. Among the services that you can disable are the Remote Registry service, the Messenger service, SSDP discovery service and that IPSEC Services.

The TCP/IP settings finally allow you to change the following entries: Drop all incoming IP source routed packets, Disable automatic detection of "dead" gateways, Disable IRDP (all interfaces), Disable ICMP redirect and Disable ports 1025 to N.

Seconfig features:

  • Disable NetBIOS over TCP/IP (all interfaces).
  • Disable SMB over TCP/IP.
  • Disable RPC over TCP/IP.
  • Change NetBIOS Scope ID.
  • Disable Remote Registry service.
  • Disable Messenger service.
  • Disable SSDP Discovery Service.
  • Do not start IPSEC Services automatically.
  • Drop all incoming IP source routed packets.
  • Disable automatic detection of "dead" gateways.
  • Disable IRDP (all interfaces).
  • Disable ICMP redirect.
  • Enable strict ARP table update.
  • Accept responses only from queried DNS servers.
  • Disable ports from [port range] to [port range]

Click on help if you want to look up information about the tweaks the program makes available to you. I suggest you know what you are doing before you make changes to the system, as you may shut down or disable services or features that are needed by programs or services on your system.  Seconfig will change settings in the Registry. You can undo all changes made by the program by running it again and reverting the changes in the interface.

If you click on status you see a list of all open TCP/IP and UDP ports and if Netbios, SMB and RPC over TCP/IP are closed or not.

Update: The program is only compatible with Windows XP and its server counterpart Windows Server 2003, and earlier versions of Windows. It is not compatible with newer versions of the Windows operating system.

If you are on a newer version of the operating system, I suggest you check out Improve Windows Security By Closing Open Ports which describes tools and options to close down ports and services on those versions of Windows.


Tutorials & Tips

Previous Post: «
Next Post: «


There are no comments on this post yet, be the first one to share your thoughts!

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.