How to secure yourself from Hackers
Hackers and Browser Hijacking is one area of the network that affects everyone at some point.
In addition to third-party applications, such as SpyBot,
antivirus and firewalls installed there are some changes that can be made for Windows 2000/XP. Here are some details to make the system safer from hackers and hijackers.
Some of these tips require editing the registry so it is recommended to make a copy or recording and / or create a restore point.
1. Clear the paging file on shutdownPaging file in Windows 2000/XP (sometimes called the swap file) can contain sensitive information such as passwords in clear text. Someone capable of accessing your system could scan the file and find the relevant information. You can force Windows to delete the file.
In the Registry Editor, go to HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSession ManagerMemory Management and add or edit the DWORD ClearPageFileAtShutdown. Set to 1.
Note that by doing this, the system will take much longer to close: a system with a very large archive page may take a minute or two (gig or more).
2. Disable the POSIX subsystem and OS / 2.Windows 2000 and XP come with little-documented subsystems, but for compatibility with these systems rues UNIX and OS / 2 systems are enabled by default, but rarely use that are better bring disabled completely to prevent possible service hijackings.
To disable these subsystems, open the registry and navigate to HKEY LOCAL ManagerSubSystems MACHINESYSTEMCurrentControlSetControlSession. Delete the subkeys OS2 and POSIX. then reboot.
3. Never leave the default password blank.During installation, Windows 2000 sets up an account with the system administrator full access and requires a password. Guess': By default, allows the password is blank. If a user does not want to enter a password, just click Next and the system will be an open door for access to anyone they wish. Always opt for a password of some kind when setting up the default account on a computer.
4. Disable the Guest accountWindows XP comes with a guest account that is used for restricted access, but you can still do some damage with it. Turn off completely if you're not using. In the Control Panel, select User Accounts, click Guest Account and then select Turn off the guest account.
5. Install Windows in a different directory.Normally, Windows is installed in the Windows directory. Windows NT 4 0 and 2000 will opt for WINNT. Many worms and other malicious programs is assumed that this is the case and attempt to exploit those folders files. To defeat this install Windows to another directory when setting up - you can specify the name of the directory during installation. WINDIR well, so some people use Wndws - Some programs (not many) will not install correctly if you install Windows on another folder but t hey are very few and far between
6. Hackers Point Blank with a dummy Administrator accountSince the default account in Windows 2000 is always named Administrator, enterprising hacker can try to get into your system, trying to guess the password for that account. And never bother to put a password on that account, say your prayers.
Instead of being a sucker for a hacker, put a password for the administrator account that has not been done. Then change the name of the administrator. You will still be able to use the account under its new name, since Windows identifies user accounts a server ID number instead of name. Finally, create a new account named Administrator and disable it. This should frustrate any would-be thieves.
You can add new accounts and change the names of existing accounts in Windows 2000 through the Local Users and Groups fit inside right-click My Computer and select Manage, open Local Users and Groups subtree, look in the Users folder and right to Click any name to rename. To add a new user, click the folder that contains and select New User. Finally, to disable an account, double-click on it, the account is disabled check box, and then click OK.
Never remove the original administrator account. Some programs refuse to install without it and you may have to log in with the account at some point in the installation of such software. The original administrator account is configured with a security ID that must continue to be present in the system.
7. Set the read-only file to prevent the abduction of the hosts file.This' from (and to some extent, by) experts. The HOSTS file is a text file that all versions of Windows use to hold certain network addresses that never change. When you put a name and a network address of hosts, the computer uses the address listed there for that network name rather than performing a search (which can take time). Experts edit this file to place frequently visited sites into it, speeding things considerably.
Unfortunately hijackers and hackers also love to put their own information into it - redirecting people from their favorite web sites in places you do not want to go. One of the most common entries in hosts is local host which is set 1770.0.1. This refers to the local machine and if damaged the computer can behave very unpredictably.
To prevent HOSTS be offended, read-only setting. Go to the% SystemRoot% system32driversetc, click the host, check the read-only properties and click OK. If you want to add your own entries to the host, you can remove the protection before you do, but always remember to put in read-only after you have finished.
8. Disable unnecessary servicesWindows 2000 and XP both come with many background services that do not need to make the most of the time: Alert, Messenger Server (If using a standalone machine with no file shares or printer), NetMeeting Desktop Sharing Remote Desktop Help Session Manager (the last two, if you are not using Remote Desktop or NetMeeting), Remote Registry Routing and Remote Access (if not using Remote Access), SSDP Discovery Service, Telnet, and Universal Plug and Play Host of peripherals.A good resource and instruction on which of these services can be disabled go to / http://www.blkviper.com/WinXP/
9. Do not allow changes to IE settings through IEThis is another point against the hijackers. IE can be configured to any changes in the settings must be made through the Internet icon in the Control Panel, rather than through its own interface of IE. Some particularly unscrupulous programs or sites try to manipulate the settings, go to Options in the Tools menu in Internet Explorer. You can disable this and still make changes to IE settings through the Control Panel.
Open the Registry Editor and go to HKEY_CURRENT_USER ExplorerRestrictions SoftwarePoliciesMicrosoftInternet. Create or edit a new DWORD value and name NoBrowserUptions it to 1 (this is a user setting). Some third-party programs such as Spybot Search and Destroy allows you to enable or disable this option.
You can also keep IE from having other programs rename its default startup page, another particularly annoying form of hijacking. Search Microsoft's Internet USERSoftwarePolicies ExploreControl HKEY.CURRENT Panel and add or edit a DWORD, Homepage and set it to 1.
10. Disable simple file sharing.In Windows XP Professional, how to use simple file sharing exploited easily because it 抯 a little too easy to share a file over the LAN (or the network in general). To turn it off, go m My Computer, click Tools, Folder Options and the View tab and uncheck Use simple file sharing (Recommended). Click OK. By doing this you can access the Security tab of the properties window for all folders, set permissions for folders, and take ownership of objects (but not in XP Home) Sharing is sexy
Previous Entries
0 comments for this post
Leave a reply