Windows XP Security Guide (phase one) - Page 2
Page 2 of 4 FirstFirst 1234 LastLast
Results 11 to 20 of 39

Thread: Windows XP Security Guide (phase one)

  1. #11
    Senior Member
    Join Date
    Feb 2002
    Posts
    518
    Interesting... That was one thing we practiced in class was installing it on a different drive to avoid the common guess... but that was on 2000, which I personally like a lot better.
    *shrug*

    Still a good post
    Remember -
    The ark was built by amatures...
    The Titanic was built by professionals.

  2. #12
    XP dropped it because the newer security goes haywire if you alter the :\windows, and I would trust the xp security enhancements over 2k anyday.

    However, drive doesn't matter so much, as that directory name. So have fun installing it on another partition during the partition procedure, as it should work in theory. If you do ever get around to attempting it on a different partition, let me know. Keep in mind that even calling it D:\Windows, it's just a few keyboard clicks from the attacker changing that link, and nothing too important.

    What's more important is the server partitioning, which overcomes both the C:\windows exploit attempts and 3rd party attempts.


    Like I said, if you ever give XP a shot and discover an addional way to do security on what I have, feel free to let me know. I'll be more than happy to add it, so long as you can show there is not negative effects to the system because of it.

  3. #13
    Senior Member
    Join Date
    Oct 2002
    Posts
    314
    Avenger, one thing to keep in mind is that even if you do rename the Administrator account you can still figure out what the account is via the SID as the Admin account always has a SID of 500 (unless you can change it, is there a way???, the software "freesid" allows you to change some attributes, but as far as I know admin stays with a SID of 500.

    To find the SID you can user user2sid or sid2user.

    Good post PST.
    Quis custodiet ipsos custodes

  4. #14
    Senior Member
    Join Date
    Feb 2002
    Posts
    518
    the biggest reason is : start>run> \\ip addess\C$ thats followed by Username:
    if its not on c, theres no C$... now granted if someone really REALLY wants in, they may try D$, E$, etc... BUT.... most people scanners would stop there... also if you DONT allow netbois in, your ok. ... but for those who MUST use netbios... just remember your default shares windows sets up...
    pretty rudimentry stuff, but can be overlooked easlily
    Remember -
    The ark was built by amatures...
    The Titanic was built by professionals.

  5. #15
    Which will be covered in the according guide Remember... this is installation procedures... not GUI configuration yet. No worries, I will include everything from my past experiences and beyond.

  6. #16
    Senior Member
    Join Date
    Feb 2002
    Posts
    518
    woot! well you got greenies from me for your efforts Nice work
    Remember -
    The ark was built by amatures...
    The Titanic was built by professionals.

  7. #17
    Senior Member
    Join Date
    Jan 2003
    Posts
    1,499
    3 gigs ain't very generous for an OS partition for XP and program files.

    I personally create 20gigs for programs and windows.

  8. #18
    Thanks again. Don't forget, if you ever get around to testing XP and come across any more security measures that work, let me know. I'm serious about that. I'll credit you and everything.


    On a side note: changing the administrator name on XP borks the system recovery. XP system repair console requires the administrator name account to be there for recovery. This is understandable as you don't want someone locally ruining the system by using a different account name. And understandable, because even if you changed the account name, like what Ron1n said... it's still very easy to enumerate.

    Thanks again, and keep things like this coming! The more you bring up, the more I can analyze!


    Mark

    Please read the tutorial again, as it covers that. 3 gigs for Windows ALONE. And the second partition for your programs, on whatever size you want. I highly suggest you reread the partitioning section

  9. #19
    Antionline Herpetologist
    Join Date
    Aug 2001
    Posts
    1,165
    Does anyone know how to change the default location (C:\Documents and Settings) for the Documents and Settings folder.
    On a side note, I've installed XP on non C: drives many times and it's always run without a hitch. I do it whenever I want to test something. I just make another install of Windows XP on a separate partition and deny access to all other drives from it. Great for testing potential malware. Also, if Windows XP is b0rked, you can install it on a separate drive and get all your data off it.

    Cheers,
    cgkanchi
    Buy the Snakes of India book, support research and education (sorry the website has been discontinued)
    My blog: http://biology000.blogspot.com

  10. #20
    Banned
    Join Date
    Nov 2003
    Posts
    1,161

    Re: Windows XP Security Guide (phase one)

    Originally posted here by pooh sun tzu
    [B]Windows XP Pro(Home compatible) SP1 Remote Security Guide - Phase One


    A. - When it asks for your name and organization, obviouslly do not give completely accurate information. This would apply even to workstations on an office workspace. Giving accurate information will only help an outside attacker gain information that could possibly lead to a security breach. Better safe than sorry. If company protocol has a problem with it, then get a new IT that can enforce positive security protocols to help keep the company's secrets and integrity safe, even it if means a one on one meeting with the B-O-S-S.
    Here I always use the character
    Code:
     _
    for the name. Just thought I would throw that in.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides