Results 1 to 10 of 10

Thread: WinXP: secure it, tweak it...

  1. #1
    Banned
    Join Date
    Aug 2001
    Location
    Yes
    Posts
    4,424

    Post WinXP: secure it, tweak it...

    This list is by no means intended to be complete...

    +++Windows XP+++

    Universal Plug and Play.

    1. What is it?

    UPnP is Microsoft software that uses Internet protocols to allow devices such as computers, scanners and printers to automatically discover one another so they can communicate.

    2. Technical Details.

    http://news.com.com/2100-1001-277389.html?legacy=cnet

    The software giant announced last week it had found two vulnerabilities in its new operating system that could leave computers running it open to hackers and at risk of being temporarily shut down from a denial-of-service attack or used in such an attack on other computers.

    Under a denial-of-service attack, a server is flooded with so much Internet traffic that it is made inaccessible to legitimate traffic.

    In addition to installing the security patch available from Microsoft's Web site, computer users running Windows XP should disable the "Universal Plug and Play" feature, if they are not using it, the NIPC said in its statement.

    Microsoft's Universal Plug and Play software allows devices added to a network to be automatically recognized and accessed. It is installed by default on XP systems, can be switched on in Windows ME systems and installed separately on the Windows 98 operating systems.
    3. Patch.

    http://www.microsoft.com/technet/tre...n/MS01-059.asp

    http://grc.com/unpnp/unpnp.htm

    WinXP-hotkeys execute programs

    1. What?
    Microsoft Windows XP allows a local attacker to execute programs using hotkeys even when the system is locked. Only programs with a hotkey combination configured can be executed.

    2. Technical details.

    http://www.securityfocus.com/archive/1/246014

    No remedy available yet. As a workaround, disable hotkeys.

    File and Print-sharing

    1. What?

    When file and printer sharing is installed it allows users to make services available to other users on a network.

    2. Technical details + patch.

    http://www.winguides.com/registry/display.php/132/

    Simple File Sharing

    1. What?

    By disabling Simple File Sharing, you can specify an Access Control List (ACL) for each shared disk or folder. The ACL specifies which users are allowed to have access.

    2. Technical details + patch.

    http://www.practicallynetworked.com/...ring/whole.htm


    +++Internet Explorer+++

    Microsoft Security Bulletin MS01-058
    13 December 2001 Cumulative Patch for IE


    1. What?

    Cumulative patch for IE 5.5 and 6 + patches 3 newly discovered vulnerabilities.

    2. Technical details + patch.

    http://www.microsoft.com/technet/tre...n/MS01-058.asp

    Microsoft Security Bulletin MS02-005
    11 February 2002 Cumulative Patch for Internet Explorer


    1. What?

    Cumulative patch for IE 5.5 and 6 + patches six newly discovered vulnerabilities.

    2. Technical details + patch.

    http://www.microsoft.com/technet/tre...n/MS02-005.asp


    +++Windows Media Player+++

    1. What?

    If you give Windows Media Player access to the net, you're giving up your anonymity. You don't like that? Disable it!

    2. Technical Details

    Extra --> Options --> Player (first tab) --> Unselect 'Permit Internet-sites to assign an ID to your player'.


    +++Uninstalling Messenger+++

    In C:\Windows\Inf, there's a file called 'sysoc.inf'.

    Open it with notepad (or another text-editor). It should look a little something like this:

    Code:
    [Version]
    Signature = "$Windows NT$"
    DriverVer=07/01/2001,5.1.2600.0
    
    [Components]
    NtComponents=ntoc.dll,NtOcSetupProc,,4
    WBEM=ocgen.dll,OcEntry,wbemoc.inf,hide,7
    Display=desk.cpl,DisplayOcSetupProc,,7
    ...
    The 'hide' option prevents you from removing the application (meaning it won't show in your Configuration --> Software screen). Use your text-editors search&replace-function to replace every hide with a ,
    Safe the file, go back to your Configuration --> Software-screen, and remove whatever application you want.


    FBI on WinXP Security Flaws: seen from The Lite Side: http://www.lowendmac.com/lite/01/1226pf.html


    http://www.bigfix.com/website/consumer/overview.html

    The longer you own your PC, the more likely it is to fail. The makers of computer gear know that printers, cameras, PDAs, LANs, software programs and Internet plug-ins can all cause conflicts, glitches and complete system hang-ups. The BigFix Consumer Client can proactively reduce the number of problems that affect your computer. The BigFix Consumer Client automatically downloads and reads technical support information and alerts you if it applies to your PC and offers an automated fix.

  2. #2
    Senior Member
    Join Date
    Jan 2002
    Posts
    882
    LMAO.....The MS saga never ends.....................
    For those that may not have seen it. Here is an excellent site to stay on top of WinXP and Office XP issues. It's got links to freebie's and add on's as well as all the updates/patches.
    http://www.windowsxp.nu/
    The COOKIE TUX lives!!!!
    Windows NT crashed,I am the Blue Screen of Death.
    No one hears your screams.


  3. #3
    AntiOnline Senior Member souleman's Avatar
    Join Date
    Oct 2001
    Location
    Flint, MI
    Posts
    2,883
    The best way to install winXP is with the Format command. Sorry, but I have run into way to many problems with it on my network at work.
    \"Ignorance is bliss....
    but only for your enemy\"
    -- souleman

  4. #4
    PHP/PostgreSQL guy
    Join Date
    Dec 2001
    Posts
    1,164
    MS is being pounded so much these days, one might consider it like a single girl being passed around at a gangbang. Harsh as it is, there's no relief in sight as their latest "patch" has an immediate hole in it because they ripped it off from an Open Source project that had known issues that weren't fixed. Come on MS, if you're going to use Open Source stuff, RTFM (known issue pages etc), otherwise stay over there with your back-asswards OS that does horrible everything and is close-sourced. Oh, and hire some actual programmers. You'd think you had trained monkeys over there.
    We the willing, led by the unknowing, have been doing the impossible for the ungrateful. We have done so much with so little for so long that we are now qualified to do just about anything with almost nothing.

  5. #5
    Senior Member
    Join Date
    Jan 2002
    Posts
    682
    You'd think you had trained monkeys over there.
    hehe...i wish...once you train a monkey..they don't need to be trained again and again...

    ok class...can we say "buffer overflow"

    and again and again...

    i for one am getting tired of the constant patch of my win2k network...i was in on the WE for six hours running the security rollup on our machines...thanks to the fact that the only way to get the roll up is through individual windows updates...they didn't offer a dl of it on the corporate.windowsupdate ...what a PITA...and looks like i'll be patching ie6 this weekend after yesterday news...

    anyone know where i can get a 10u beer fridge for my data rack...?
    I used to be With IT. But then they changed what IT was. Now what I'm with isn't IT, and what's IT seems scary and weird." - Abe Simpson

  6. #6
    AntiOnline Senior Member souleman's Avatar
    Join Date
    Oct 2001
    Location
    Flint, MI
    Posts
    2,883
    anyone know where i can get a 10u beer fridge for my data rack...?
    Give me the specs zigar. I work for a company that builds equipment for bars. I am sure that I could probably get the owner to build one, for the right price.
    \"Ignorance is bliss....
    but only for your enemy\"
    -- souleman

  7. #7
    Senior Member
    Join Date
    Jan 2002
    Posts
    132
    [quote[
    Universal Plug and Play.

    1. What is it?

    UPnP is Microsoft software that uses Internet protocols to allow devices such as computers, scanners and printers to automatically discover one another so they can communicate.
    [/quote]

    Wait a second ... <thinking REALLY HARD> this was done by Sun in 1997/1998 ... it was supposed to hook into things from over the network, using the network stack itself ... CRAP! I think it started with a "T", but - I can't beleive this - I seem to have forgotten. Anyone remember what this was? All I remember thinking was, "Whhhooooaaa ... hardware-level drivers, intrinsic kernel support ... Mmmm... sounds solid".

    I'm off to bed now - if I can't even remember what this was called, I'm worthless for a few hours anyway.

    ~N~

  8. #8
    Leftie Linux Lover the_JinX's Avatar
    Join Date
    Nov 2001
    Location
    Beverwijk Netherlands
    Posts
    2,534
    Microsoft is realy good at implementing ideas by other software companies and then claim it as a brand new idea...

    the Gui -> mac
    the skinnable XP gui -> linux(kde/gnome pick ur choice)
    the msn messenger -> icq

    the list goes on....
    I'll post a full who did they steal this function from list in another thread sometime...
    ASCII stupid question, get a stupid ANSI.
    When in Russia, pet a PETSCII.

    Get your ass over to SLAYRadio the best station for C64 Remixes !

  9. #9
    Senior Member
    Join Date
    Jan 2002
    Posts
    132
    ****** JINI *********
    That's the thing I was thinking about.

    ~N~

  10. #10
    Banned
    Join Date
    Aug 2001
    Location
    Yes
    Posts
    4,424
    XP-AntiSpy : nice (76kb, and freeware) tool to:

    - disable MediaPlayer identification-procedure
    - disable all XP error reports
    - disable remote desktop
    - disable Balloon Tips
    - delete the systems pagefile at every shutdown
    - disable the Quality of Service (which takes 20 % of your bandwith!)
    - automatically uninstall Messenger or disable its autostart feature

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •