Secure Windows XP
There is an abundance of guides and tutorials on securing the Windows XP operating system. I'd like to give you my take on this, but concentrate on the basics so that you can implement and deploy the changes quickly.
It needs to be noted that it is not possible to secure a system 100%, especially not if it is connected to a public network or the Internet. You can however secure it in a way so that the chance of a successful attack is greatly reduced.
I have a list of modifications and changes that I make whenever I set up a new Windows XP system. It may not be a large list but it covers many essentials.
The first and one of the most important steps is to download and install the latest security fixes and service packs. I sometimes have to talk to users in my job (which is somewhat security related as well) and discover that they run Windows XP with the same settings that the PC was shipped with.
No updates, outdated anti-virus definitions and the like. You get the latest patches and fixes for your operating system from Windows Update.
Make sure you have a valid license, otherwise you will not be able to download the updates. Alternatively, you can use one of the options mentioned in our Windows Update guide, which links to third-party programs that can download all patches for you.
The next step is to turn off unnecessary services and programs that you won't use. Why should the remote service be active if you never use it? Turning them off reduces the chance of attackers getting into the system. There are currently 19 services running on my system; if you have never tinkered with them before, you probably have double that amount or even more.
Read the article about turning unnecessary services off; it explains the basics. It is a good idea to turn off the following services if you do not need them:
- Telnet
- Universal Plug and Play Device Host
- IIS (not installed by default)
- NetMeeting Remote Desktop Sharing
- Remote Desktop Help Session Manager
- Remote Registry
- Routing & Remote Access
- SSDP Discovery Service
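One way to check and disable the services in this list from the Windows XP command prompt, as an added example that is not part of the original article. The short service names are my mapping of the display names above (W3SVC stands in for IIS), and the file name `harden-services.cmd` is hypothetical.

```batch
@echo off
rem Added example: report (default) or disable the services listed above.
rem Usage: harden-services.cmd          -> report current start type only
rem        harden-services.cmd /apply   -> stop and disable (needs Administrator)
setlocal

set MODE=audit
if /i "%~1"=="/apply" set MODE=apply

rem Assumed short names for the display names in the list above.
rem upnphost comes before SSDPSRV because it depends on SSDP discovery.
for %%S in (TlntSvr upnphost W3SVC mnmsrvc RDSessMgr RemoteRegistry RemoteAccess SSDPSRV) do call :handle %%S
endlocal
goto :eof

:handle
rem sc query returns a non-zero exit code when the service does not exist,
rem which is the normal case for IIS because it is not installed by default.
sc query %1 >nul 2>&1
if errorlevel 1 (
    echo %1: not installed, skipping
    goto :eof
)
rem Print the configured start type (AUTO_START, DEMAND_START or DISABLED).
for /f "tokens=1,2,* delims=: " %%A in ('sc qc %1 ^| find "START_TYPE"') do echo %1: start type %%C
if "%MODE%"=="audit" goto :eof
rem Stop the service now (an error here just means it was not running),
rem then keep it from starting again. The space after "start=" is required.
sc stop %1 >nul 2>&1
sc config %1 start= disabled >nul
if errorlevel 1 (echo %1: could not disable, check privileges) else (echo %1: disabled)
goto :eof
```

Run it without arguments first and review the reported start types; a service you later find you need can be restored with `sc config <name> start= demand`.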
Talking about software: it is wise not to use the default Microsoft products like Outlook Express or Internet Explorer. Those are attacked the most because most users run them (and because they offer plenty of ways to be attacked). Alternatives are Firefox or Opera for Internet Explorer and Thunderbird for Outlook Express.
You should install an anti-virus solution. I use Antivir but others should be fine as well. The most important aspect is that you keep the definition files up to date. If the software offers automatic updates, I suggest you make it update the files once a day.
Firewalls. I do not use them. Well, not a software-based firewall, that is. I do have a hardware firewall, which is all I need. I think that firewalls give the user a false sense of security. They are highly complex and require lots of attention to secure the system. It is not enough to simply install one and click on accept every time a program wants to connect to the Internet.
To secure the system you have to add every tool that should have Internet access to the firewall rules, with exactly the ports it needs. You should close every other port that is not needed by those applications. A good freeware tool that displays the list of currently open ports is CurrPorts.
I think those are the most important steps. If you have more, let me know.