Hackers
and Browser Hijacking is one area of the Net that affects everyone
at
some stage. In addition to having third party utilities such as SpyBot, Anti
Virus scanners and firewalls installed there are some changes that can be
made to Windows 2000/XP. Below are some details to make your system
safer from hackers and hijackers.
Some of these tips require editing of the Registry so it is wise to either
backup the registry and/or create a Restore Point.
some stage. In addition to having third party utilities such as SpyBot, Anti
Virus scanners and firewalls installed there are some changes that can be
made to Windows 2000/XP. Below are some details to make your system
safer from hackers and hijackers.
Some of these tips require editing of the Registry so it is wise to either
backup the registry and/or create a Restore Point.
1.
Clearing the Page File at Shutdown
In the registry navigate to
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSession ManagerMemo
ry Management and add or edit the DWORDClearPageFileAtShutdown. Set it
to
In the registry navigate to
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSession ManagerMemo
ry Management and add or edit the DWORDClearPageFileAtShutdown. Set it
to
2.
Disable the POSIX and OS/2 Subsystem.
To disable these subsystems, open the registry and navigate to HKEY LOCAL
MACHINESYSTEMCurrentControlSetControlSession ManagerSubSystems.
Delete the subkeys Os2 and Posix. then reboot.
To disable these subsystems, open the registry and navigate to HKEY LOCAL
MACHINESYSTEMCurrentControlSetControlSession ManagerSubSystems.
Delete the subkeys Os2 and Posix. then reboot.
3.
Never leave default passwords blank.
On installation, Windows sets up an Administrator account with total system
access and prompts for a password. Guess what: by default, it allows that
password to be blank. If a user doesn't want to type a password, he can
simply click Next and the system will be an open door for anyone who wants
to log on. Always opt for a password of some kind when setting up the
default account on a machine.
On installation, Windows sets up an Administrator account with total system
access and prompts for a password. Guess what: by default, it allows that
password to be blank. If a user doesn't want to type a password, he can
simply click Next and the system will be an open door for anyone who wants
to log on. Always opt for a password of some kind when setting up the
default account on a machine.
4. Disable the Guest account
Windows XP comes with a Guest account that's used for limited access, but
it's still possible to do some damage with it. Disable it completely if you are
not using it. Under Control Panel, select User Accounts, click on Guest Account
and then select Turn Off the Guest Account
5.
Install Windows In a different directory.
Install Windows In a different partitions
Install Windows In a different partitions
6. Fake out hackers with a dummy Administrator account
Since the default account in Windows is always named Administrator, an
enterprising hacker can try to break into your system by attempting to guess
the password on that account. It you never bothered to put a password on
that account, say your prayers.
Administrator account it you haven't done so already. Then change the name
of the Administrator account. You'll still be able to use the account under its
new name, since Windows identifies user accounts by a back-end ID number
rather than the name. Finally, create a new account named Administrator
and disable it. This should frustrate any would -be break-ins.
You can add new accounts and change the names of existing accounts in
Windows through the Local Users and Groups snap in. Right-click on My
Computer, select Manager, open the Local Users and Groups subtree, look in
the Users folder and right-click on any name to rename it. To add a new user,
rightclick on the containing folder and select New User. Finally, to disable an
account, double-click it, check the Account is disabled box and click OK.
Don't ever delete the original Administrator account. Some programs refuse to
install without it and you might have to log in under that account at some
point to setup such software. The original Administrator account is configured
with a security ID that must continue to be present in the system.
7. Set the Hosts file to read-only to prevent name hijacking.
8. Turn off unneeded Services.
9. Disallow changes to IE settings through IE.
10. Disable simple File Shares.
In Windows XP Professional, the Simple File Sharing mode is easily exploited,
since it a little too easy to share out a file across your LAN (or the NET at
large). To turn it off, go m My Computer, click Tools, Folder Option and the
View tab, and uncheck Use Simple file sharing (Recommended). Click OK.
When you do this you can access the Security tab in the Properties window
for all folders; set permissions for folders and take ownership of objects
