Hackers and Browser Hijacking is one area of the Net that affects everyone at some stage.In addition to having third party utilities such as SpyBot, Anti Virus scanners and firewalls installed there are some changes that can be made to Windows 2000/XP.Below are some details to make your system safer from hackers and hijackers.
Some of these tips require editing of the Registry so it is wise to either backup the registry and/or create a Restore Point [....]
1. Clearing the Page File at Shutdown
Windows 2000/XP paging file (Sometimes called the Swap File) can contain sensitive information such as plaintext passwords. Someone capable of accessing your system could scan that file and find its information. You can force windows to clear out this file.
In the registry navigate to HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSession ManagerMemory Management and add or edit the DWORD ClearPageFileAtShutdown. Set it to 1.
Note that when you do this, the system will take much longer to shut down: a system with a really big Page File (! Gig or more) may take a minute or two longer.
2. Disable the POSIX and OS/2 Subsystem.
Windows 2000 and XP come with little-documented subsystems it at allow compatibility with UNIX and OS/2 systems These rues systems are enabled by default but so rarely used that they are best off bring disabled completely to prevent possible service hijackings.
To disable these subsystems, open the registry and navigate to HKEY LOCAL MACHINESYSTEMCurrentControlSetControlSession ManagerSubSystems. Delete the subkeys Os2 and Posix. then reboot.
3. Never leave default passwords blank. On installation, Windows 2000 sets up an Administrator account with total system access and prompts for a password. Guess what: by default, it allows that password to be blank. If a user doesn't want to type a password, he can simply click Next and the system will be an open door for anyone who wants to log on. Always opt for a password of some kind when setting up the default account on a machine. 4. Disable the Guest account Windows XP comes with a Guest account that's used for limited access, but it's still possible to do some damage with it. Disable it completely if you are not using it. Under Control Panel, select User Accounts, click on Guest Account and then select Turn Off the Guest Account. |
5. Install Windows In a different directory.
Windows usually installs itself in the WINDOWS directory. Windows NT 4 0 and 2000 Will opt for WINNT. Many worms and other rogue programs assume this to be the case and attempt to exploit those folders files. To defeat this install Windows to another directory when you're setting it up - you can specify the name of the directory during setup. WINDIR is okay; so some people use WNDWS - A few (not that many) programs may not install properly if you install Windows to another folder but t hey are very few and they are far between
6. Fake out hackers with a dummy Administrator account
Since the default account in Windows 2000 is always named Administrator, an enterprising hacker can try to break into your system by attempting to guess the password on that account. It you never bothered to put a password on that account, say your prayers.
Rather than be a sucker to a hacker, put a password on the Administrator account it you haven't done so already. Then change the name of the Administrator account. You'll still be able to use the account under its new name, since Windows identifies user accounts by a back-end ID number rather than the name. Finally, create a new account named Administrator and disable it. This should frustrate any would -be break-ins.
You can add new accounts and change the names of existing accounts in Windows 2000 through the Local Users and Groups snap in. Right-click on My Computer, select Manager, open the Local Users and Groups subtree, look in the Users folder and right-click on any name to rename it. To add a new user, right-click on the containing folder and select New User. Finally, to disable an account, double-click it, check the Account is disabled box and click OK.
Don't ever delete the original Administrator account. Some programs refuse to install without it and you might have to log in under that account at some point to setup such software. The original Administrator account is configured with a security ID that must continue to be present in the system.
7. Set the Hosts file to read-only to prevent name hijacking.
Windows usually installs itself in the WINDOWS directory. Windows NT 4 0 and 2000 Will opt for WINNT. Many worms and other rogue programs assume this to be the case and attempt to exploit those folders files. To defeat this install Windows to another directory when you're setting it up - you can specify the name of the directory during setup. WINDIR is okay; so some people use WNDWS - A few (not that many) programs may not install properly if you install Windows to another folder but t hey are very few and they are far between
6. Fake out hackers with a dummy Administrator account
Since the default account in Windows 2000 is always named Administrator, an enterprising hacker can try to break into your system by attempting to guess the password on that account. It you never bothered to put a password on that account, say your prayers.
Rather than be a sucker to a hacker, put a password on the Administrator account it you haven't done so already. Then change the name of the Administrator account. You'll still be able to use the account under its new name, since Windows identifies user accounts by a back-end ID number rather than the name. Finally, create a new account named Administrator and disable it. This should frustrate any would -be break-ins.
You can add new accounts and change the names of existing accounts in Windows 2000 through the Local Users and Groups snap in. Right-click on My Computer, select Manager, open the Local Users and Groups subtree, look in the Users folder and right-click on any name to rename it. To add a new user, right-click on the containing folder and select New User. Finally, to disable an account, double-click it, check the Account is disabled box and click OK.
Don't ever delete the original Administrator account. Some programs refuse to install without it and you might have to log in under that account at some point to setup such software. The original Administrator account is configured with a security ID that must continue to be present in the system.
7. Set the Hosts file to read-only to prevent name hijacking.
This one's from (and to a degree, for) the experts. The HOSTS file is a text file that all flavors of Windows use to hold certain network addresses that never change. When a network name and address is placed in HOSTS, the computer uses the address listed there for that network name rather than performing a lookup (which can take time). Experts edit this file to place their most commonly-visited sites into it, speeding things up considerably.
Unfortunately hijackers and hackers also love to put their own information into it - redirecting people from their favorite sites to places they don't want to go. One of the most common entries in HOSTS is local host which is set 1770.0.1. This refers to the local machine and if this entry is damaged the computer can behave very unpredictably.
To prevent HOSTS from being hijacked, set it to read-only. Go to the folder %Systemroot%system32driversetc, right-click on HOSTS, select Properties check the Read-Only box and click OK. If you want to add your own entries to HOSTS, you can unprotect it before doing so, but always remember to set it to read-only after you're done.
Unfortunately hijackers and hackers also love to put their own information into it - redirecting people from their favorite sites to places they don't want to go. One of the most common entries in HOSTS is local host which is set 1770.0.1. This refers to the local machine and if this entry is damaged the computer can behave very unpredictably.
To prevent HOSTS from being hijacked, set it to read-only. Go to the folder %Systemroot%system32driversetc, right-click on HOSTS, select Properties check the Read-Only box and click OK. If you want to add your own entries to HOSTS, you can unprotect it before doing so, but always remember to set it to read-only after you're done.
8. Turn off unneeded Services Windows 2000 and XP both come with many background services that don't need to he running most of the time: Alerter, Messenger, Server (If you're running a standalone machine with no file or printer shares), NetMeeting Remote Desktop Sharing, Remote Desktop Help Session Manager (the last two if you're not using Remote Desktop or NetMeeting), Remote Registry, Routing and Remote Access (if you're not using Remote Access), SSDP Discovery Service, Telnet, and Universal Plug and Play Device Host. A good resource and instruction on which of these services can be disabled go to /http://www.blkviper.com/WinXP |
9. Disallow changes to IE settings through IE
This is another anti hijacker tip. IE can be set so that any changes to its settings must be performed through the Internet icon in the Control Panel, rather than through IE's own interface. Some particularly unscrupulous programs or sites try to tamper with setting by accessing the Tools, Options menu in IE. You can disable this and still make changes to IE's settings through the Control Panel.
Open the Registry and browse to HKEY_CURRENT_USER SoftwarePoliciesMicrosoftInternet ExplorerRestrictions. Create or edit a new DWORD value named NoBrowserUptions and set it to 1 (this is a per-user setting). Some third-party programs such as Spybot Search And Destroy allow you to toggle this setting.
You can also keep IE from having other programs rename its default startup page, another particularly annoying form of hijacking. Browse to HKEY.CURRENT USERSoftwarePolicies MicrosoftInternet ExploreControl Panel and add or edit a DWORD, Homepage and set it to 1.
This is another anti hijacker tip. IE can be set so that any changes to its settings must be performed through the Internet icon in the Control Panel, rather than through IE's own interface. Some particularly unscrupulous programs or sites try to tamper with setting by accessing the Tools, Options menu in IE. You can disable this and still make changes to IE's settings through the Control Panel.
Open the Registry and browse to HKEY_CURRENT_USER SoftwarePoliciesMicrosoftInternet ExplorerRestrictions. Create or edit a new DWORD value named NoBrowserUptions and set it to 1 (this is a per-user setting). Some third-party programs such as Spybot Search And Destroy allow you to toggle this setting.
You can also keep IE from having other programs rename its default startup page, another particularly annoying form of hijacking. Browse to HKEY.CURRENT USERSoftwarePolicies MicrosoftInternet ExploreControl Panel and add or edit a DWORD, Homepage and set it to 1.
10. Disable simple File Shares.
In Windows XP Professional, the Simple File Sharing mode is easily exploited, since it抯 a little too easy to share out a file across your LAN (or the NET at large). To turn it off, go m My Computer, click Tools, Folder Option and the View tab, and uncheck Use Simple file sharing (Recommended). Click OK. When you do this you can access the Security tab in the Properties window for all folders; set permissions for folders; and take ownership of objects (but not in XP Home)
| |
| SECURE YOUR WINDOWS XP |
With viruses, spyware and hackers round the corner, there could be many ways by which your PC would be prone to attacks. My PC, which is installed with XP, had to be formatted 2-3 times recently due to virus attack and I had to reinstall the XP on all the occasions. Here are few simple steps to make your Windows XP more secure..
Turn on Automatic Updates: Update is a Windows XP utility which helps to download the latest updates from Microsoft website. With this your PC will have the latest security updates. But one of the disadvantages of using Automatic updates is that it consumes a lot hard disk space.
Turn on Windows Firewall: If you have Service Pack 2 installed in your PC, you can turn on the free Firewall provided by Windows. Although the firewall will not give you a 100% protection, it does give some protection.
Install an Anti-virus Software: There are lot of anti-virus softwares available. Make sure you install one as viruses are the most common type of attack. Not only you install the anti-virus, update it with the latest security updates once in a while.
Protect from Spywares and Adwares: Spywares and Adwares are other common types of attacks on your PC. There are lot of free Spyware and Adware removal tools. Install one and scan your computer once in a while.
Be Careful while using Internet: Do not click on any malicious links and also do not download any attachments or softwares without scanning them. If you use a floppy drive or a CD drive, scan the files before you open or copy to the system.
These are fews steps to make your PC more secure. Although with these steps, it may not be 100% secure, but as wisely said-”Prevention is better than cure”
Install an Anti-virus Software: There are lot of anti-virus softwares available. Make sure you install one as viruses are the most common type of attack. Not only you install the anti-virus, update it with the latest security updates once in a while.
Protect from Spywares and Adwares: Spywares and Adwares are other common types of attacks on your PC. There are lot of free Spyware and Adware removal tools. Install one and scan your computer once in a while.
Be Careful while using Internet: Do not click on any malicious links and also do not download any attachments or softwares without scanning them. If you use a floppy drive or a CD drive, scan the files before you open or copy to the system.
These are fews steps to make your PC more secure. Although with these steps, it may not be 100% secure, but as wisely said-”Prevention is better than cure”
| Advanced security Do you work in a corporate environment where you don't appreciate your co-workers or boss having access to your comp and private files when you are not around? You can provide added level of security to your WINDOWS XP System. This is called securing your Windows XP accounts database. You can store all information related to your accounts in a encrypted form on a floppy disk. What this would do is that if You do not have access to your floppy disk, You can not access the system. I am not sure You realized what I just said ! Even if You know your userid/password, You will not be able to access the system unless and until You have this startup disk. |
The process of generating this secure startup floppy disk is simple. Go to START-RUN and type syskey. You will see a window come up. Click on Upgrade command button. You would see another window popping up which will give You the option of storing the encrypted accounts database either locally or on your floppy disk. Choose floppy disk and click OK and let the process complete. You are done.
Next time You reboot the computer and get to the logon prompt, make sure that You have the floppy disk available in A: drive else You can not log on.
Next time You reboot the computer and get to the logon prompt, make sure that You have the floppy disk available in A: drive else You can not log on.
0 Leave a comment:
Post a Comment