Menu

Basic Security Tips of Windows XP


Introduction

This page aims to give some basic tips to work more safely within a network like UGR. The tips are general and can be followed regardless of the operating system that we use. We made these tips for the Windows XP operating system, but everything we say (except some specific things) are equally valid for previous versions of Windows.

Malign Software

The usual malignant software with which our computer can be infected:

  • Virus
  • Worms
  • Trojans
  • Rear doors
  • Nukers
  • Keyloggers

Habitual incidents

The usual issues by which your team may have a security incident are:

  • Viruses / worms
  • Warez warehouses (illegal software, music, movies, …)
  • Servers of IRC.
  • Attacks to other machines
  • Total control of the pirated machine

The natural evolution of a security breach is:

  • Discovery of the failure in the safety of your equipment
  • Communication to the person responsible
  • Failure publication
  • Patch available
  • Installing the patch by users
  • Exploitation of the error by pirates
  • General Solutions

These tips are valid for any operating system and version.

Keep the system updated

Reduce the services offered to the necessary, such as file sharing, web server, ftp server…

Use an antivirus

Use a firewall

Avoid executing programs of dubious nature (email attachments, internet downloads, …)

Tips for Windows XP

This section tries to explain in more detail the ideas presented above, specifically for Windows XP but they are equally valid tips for Windows 98, 2000, etc.

Users and Passwords

It is important to create user and assign them passwords.

When you turn on the computer for the first time, Windows will tell us that you have to choose a user and a password, otherwise we must do it manually. To do it:

  • Start -> Control Panel -> User Accounts
  • Constraints to be avoided
  • Own names and family or friends’ names

Name of the operating system, account, user name or machine that is being used.

  • Telephone numbers, dates of birth, ID, registration…
  • Geographic locations
  • Names of celebrities, brands, fictional characters, …
  • Any word from a Spanish or foreign dictionary

Adding a digit or a special character to a word of the previous categories DOES NOT SERVE ANYTHING. For example, IT’S NOT GOOD PASSWORDS: manolo1, 2 sisters, …

Suggestions for choosing a password

  • Difficult to guess and easy to remember
  • Acronym is separated by special characters (/, #,!, -, …)
  • Abbreviations of not very well known phrase (or own) and intercalar special characters
  • Protection of the key
  • Do not let anyone use your password
  • Do not write down your password
  • Do not type when someone looks at you
  • If you have shared it, change it immediately.

REMEMBER: UGR will never ask for your username and password through e-mail, telephone, fax, sms, ….

Basic tips

  • Do not have the same password on different computers
  • Length of at least 8 characters
  • Use at least two non-alphabetic characters and avoid locating them at the beginning or end
  • Do not use keyboard sequences, “qwerty”
  • Toggle uppercase and lowercase
  • Change it at least every 3 months
  • If you have shared it, change it immediately

Windows Update and Automatic Updates

Process to follow to install the service packs for the first time after the installation of the Windows operating system. To do this, you must access the Windows Update page, which can be accessed from Internet Explorer -> Tools -> Windows Update.

Once found the service packs available for our Windows XP as well as the security patches, we will install them all to have the computer operating system up to date.

Once the operating system is updated for the first time, we can configure Automatic Updates.

To do it: Start -> Control Panel -> System -> Automatic Updates

We choose the option that best suits our needs.

To make sure it is activated, we check the services: Start -> Control Panel -> Administrative Tools -> Services

With this active service our updated Windows XP will be maintained.

Dangerous Services

Below are the services that may constitute a risk for the safety of our teams and why.

They can be the access route for the intruders to:

  • Create, delete, modify or extract files from the computer.
  • Launch programs, for example a web server, a warehouse of warez, …
  • Attack other nearby equipment
  • In the professional version are almost all services disabled

The services that must be disabled if they are not used are:

  • Telnet: allows a remote user to log in to the computer and run programs
  • Remote assistance and remote desktop: Start -> Control panel -> System -> Remote access
  • Share files
  • Web server
  • FTP server
  • Use an antivirus

It is important to use an antivirus and have it updated.

The UGR is licensed to PANDA.

Firewall (Firewall)

The firewall isolates the computer from the connection to the network by filtering information. A general configuration must carry prohibited connections, allowed connections and allowed connections with conditions.

IMPORTANT: IF SOMETHING STOPS TO WORK, BEFORE NOTHING, DEACTIVATE THE FIRE FIGHTER AND TRY IF IT WORKS.

There are many options when choosing a firewall, some examples are:

From Windows XP

Home -> Network and Internet connection -> Network connections -> Local Area Connection -> Properties -> Advanced

Panda

┬áPrimitive version – does not work well especially if resources are shared

If we want to install any other firewall and we have or have had the PANDA active, it is important to uninstall PANDA and then reinstall it without the firewall protection.

Summary

  • Keep the system always updated
  • Reduce the services offered
  • Use an Antivirus
  • Use a Firewall or Firewall
  • Avoid executing programs of dubious origin

Leave a Reply

Your email address will not be published. Required fields are marked *