Recognize the security issues of the XP system default settings

The computer is now an indispensable tool in the life and work of ordinary users in the hospital, so there are only problems that professionals will encounter, such as configuring small (family) The Internet, as well as ordinary users today, has the same headache.

The Windows family of operating systems has always been known for ease of use, trying to make complex tasks a simple operation. However, it is not excluded that the ease of use and security are conflicting. At the same time, due to the widespread use of the network, each Internet-connected PC is actually an Internet node, so security is a problem that every user must pay attention to. So what are the security issues in the Windows XP system default settings?

First, simple file sharing

In order to allow users on the network to achieve file sharing with just a few clicks of the mouse, XP joins There is a feature called "Simple File Sharing", but it also opens up many NetBIOS vulnerabilities. The steps to turn off the simple file sharing feature are: Open “My Computer", select the menu <;Tools”→“Folder Options">Click “View”, in “Advanced Settings” Cancel “Use simple file sharing (recommended)”.

Second, FAT32

Any new hard drive is formatted as FAT32. To improve security, you can convert the FAT32 file system to NTFS. NTFS allows for more comprehensive and fine-grained control over the permissions of files and folders. It can also use Encrypting File System (EFS) to ensure that data is not stolen from the file partition level. You can view the current file system of the drive by right-clicking on the drive and selecting "Properties" in "My Computer". If you want to convert the file system to NTFS, first back up the important files, select the menu <; Start & rdquo; → & ldquo; Run & rdquo;, enter cmd, click & ldquo; OK & rdquo;. Then, in the command line window, execute convert x: /fs:ntfs (where x is the drive letter of the drive).

Third, Guest Account

Guest account is a so-called guest account, which can access the computer, but is restricted. Unfortunately, Guest has also opened the door for hacking. If you do not need to use the Guest account, it is best to disable it. In Win XP Pro, open “Control Panel”→“Administrative Tools"""Computer Management". In the list on the left, find “Local Users and Groups” and click on “Users”. In the right pane, double-click on the Guest account and select “Account is disabled”. WinXP Home does not allow the Guest account to be deactivated, but allows the password to be set for the Guest account: first execute the Net user guest password command in the command line environment, then go to “Control Panel" "User Settings>, Set Guest Account password.

Fourth, the Administrator account

One of the common means of hacking is to try to obtain the password of the Administrator account. At least one account per computer must have Administrator privileges, but it is not necessary to use the name "Administrator". So, whether in XP Home or Pro, it's best to create another account with full privileges and then deactivate the Administrator account. Also, in WinXP Home, modify the default owner account name. Finally, don't forget to set a sufficiently complex password for all your accounts.

V. Exchange Files

Even if your operation is completely normal, Windows will leak important confidential data (including passwords). Maybe you will never think of looking at these leaked confidential documents, but hackers will definitely. The first thing you need to do is to ask the machine to clear the system's page file (swap file) when it is shut down. Click on the Windows "Start” menu, select “Run”, execute Regedit. Find HKEY_local_machinesystemcurrentcontrolsetcontrolsessionmanagermemory management in the registry, then create or modify ClearPageFileAtShutdown and set the DWORD value to 1.

VI. Dump File

When the system encounters a serious problem, it will save the data in the memory to the dump file. The role of the dump file is to help people analyze the problems encountered by the system, but it is not useful to the average user; on the other hand, like swap files, the dump file may leak a lot of sensitive data. The steps to prevent Windows from creating dump files are as follows: Open “Control Panel”→“System", find “Advanced", and then click “Startup and Recovery"> , "Write debugging information" to this column is set to “ (none) & rdquo;. Similar to dump files, Dr. Watson also saves debugging information when an application error occurs. The procedure for disabling Dr. Watson is to find HKEY_local_machinesoftwareMicrosoftWindowsNTCurrentVersionAeDebug in the registry and change the Auto value to “0”. Then open Documents and SettingsAll UsersShared DocumentsDrWatson in Windows Explorer and delete the two files User.dmp and Drwtsn32.log.

Seven, redundant services

In order to facilitate users, WinXP has started a number of services that are not necessarily used by default, and also opened the back door of the intrusion system. If you don't need these services, it's best to turn them off: NetMeeting Remote Desktop Sharing, Remote Desktop Help Session Manager, Remote Registry, Routing and Remote Access, SSDP Discovery Service, telnet, Universal Plug and Play Device Host. Open “Control Panel”→“Administrative Tools”→“Services'; you can see the description and running status of these services. To close a service, simply right-click on the service name and select the “Properties“ menu, in the “General” tab, change the "Startup Type" to "Manual" and click “Stop ” ; button.

Although the default settings of the system bring a lot of convenience to everyone, but users have to master some knowledge more or less, can not rely on the default settings, sometimes the default settings can bring you some problems of.