Windows XP Security Guide (phase one) - Page 4
Page 4 of 4 FirstFirst ... 234
Results 31 to 39 of 39

Thread: Windows XP Security Guide (phase one)

  1. #31
    Antionline Herpetologist
    Join Date
    Aug 2001
    Posts
    1,165
    PST, I think I mentioned this elsewhere, but Windows tends to use %windir%, %systemroot%, etc rather than C:\windows or C:\, etc. Therefore, I personally have NEVER had a problem with installing Windows XP on a non-standard drive. Unlike 9x which needed to be on the first primary partition, I have even installed XP/2K on logical drives and never run into trouble. However, as usual, try all this at your own risk .

    Cheers,
    cgkanchi
    Buy the Snakes of India book, support research and education (sorry the website has been discontinued)
    My blog: http://biology000.blogspot.com

  2. #32
    Therefore, I personally have NEVER had a problem with installing Windows XP on a non-standard drive
    Give your sys and error log a check, you will notice quite a few services kicking and screaming. Thus, because it is an "unknown" and "untrusted" enviroment, why would having an unsure setting be more secure than a sure one?

    This is what I'm thinking:

    1. If they got past your origonal security, meaning at this point they certainly aren't stupid, it isn't going to be difficult for them to discover that the information is on a different drive, and simply access the other drive.

    2. The possibility of an unknown happening is a variable you simply can not trust in any professional enviroment. This is similar to placing up a firewall in which you have no idea how it works. While the firewall itself offers a slight higher rate of security, the lack of knowledge and pure ability of that particular firewall may lead to even less security. (ie. exploiting the firewall, the firewall disabling security services that we can't see, as they are under the hood, etc)

    So, I'm not saying it can't be done, just that it isn't recommended, encouraged, or useful when someone is already in your computer

  3. #33
    Antionline Herpetologist
    Join Date
    Aug 2001
    Posts
    1,165
    I do agree with you on the security count. However, this can be a great tool when you want to recover some data from a fux0red install and have a spare partition handy. Install your OS on the other drive and pull the data off. On a security count, the first thing I'd do when I got a shell and couldn't get into c:\windows or c:\winnt is to enumerate the system variables (set). That'll give me a whole bunch of information that I'd have to otherwise spend a lot of time looking for. So al that using D:\windows instead of C:\windows is going to do is make me type one more command.

    Cheers,
    cgkanchi
    Buy the Snakes of India book, support research and education (sorry the website has been discontinued)
    My blog: http://biology000.blogspot.com

  4. #34
    No thanks. Once again, having a seperate drive for the primary operating system is simply not safe.

    If I want to fix a fuxored install, I'll use knoppix and cd burn all backup data. Simply won't trust it NOR ever recommend switching primary OS partitions.

  5. #35
    Junior Member
    Join Date
    Aug 2004
    Posts
    5
    Great tutorial & thread!

    I got my machine w/ XP previously installed on it. I have been using it for about a year.
    Is there anything I can do short of re-installing XP to gain some/all of the benefits of this set-up?

    Thanks

  6. #36
    Thanks !

    A complete format and reinstallation would be simpler, but I understand where you are coming from. You could still use a partitioning program (partition magic) and split it into seperate partitions and then move files/reinstall programs as needed to meet the appropriate partitions. That would at least semi-cover the partitioning.

    If you are on Fat32 instead of NTFS and want to switch to NFTS, here is how: http://www.ntfs.com/quest3.htm

    For the passwords, you can always alter them via the start>control panel>users> and then alter the passwords for your accounts to meet the standard in this tutorial.

    The network settings can be configured almost identical to how the tutorial describes it by: start>control panel>network connections> right click on your connection and choose properties.


    Hope that helps, and then I recommend giving the second phase tutorial a shot for the postXP installation.

  7. #37
    Junior Member
    Join Date
    Aug 2004
    Posts
    5
    thanks - I've got some homework to do here.
    Already read you second tutorial - question for you on that one - I have the newest non-freeware version of zone alarm (3.0) - Can I assume that you think that's crap also & I should switch?

    If I do do a reinstall, should I download the firewall to a CD 1st so I can install it prior to accessing the internet?

  8. #38
    Already read you second tutorial - question for you on that one - I have the newest non-freeware version of zone alarm (3.0) - Can I assume that you think that's crap also & I should switch?
    There are only two reasons (primarily) that I dislike ZA. The free version is horrid in terms of giving you control, and that there are multiple exploits for it occuring rapidly since it is so popular. If you are fine with what ZA offers you (free or not), and feel safe enough behind it then by all means use it. Just not a recommendation is all. My dislike is moreso leaned torwards the free version, because the firewalls I listed will do the same thing that ZA nonfree will do, but for free. If you already have ZA nonfree then enjoy it Just be careful for future exploits.

    If I do do a reinstall, should I download the firewall to a CD 1st so I can install it prior to accessing the internet?
    You can if you want to, or just make your first download the firewall from the official vendor site. Even just turning on the windows firewall (Start>control panel> network connections> right click connection choose properties> advanced) would protect you well enough to update, install, upgrade, and then install a decent 3rd party firewall(and then of course turning off the windows firewall).

    Would save a CD too, as well as allow you to always get the latest version. Of course this is preassuming high speed internet. If you have dial-up, most firewalls aren't large but then I could understand the need to put it on a CD.

  9. #39
    Junior Member
    Join Date
    Aug 2004
    Posts
    5
    Thanks again.

    I'm truely a rookie when it comes to security, so like i said I've got some series homework to do. It seemes like there's a ton of good info to absorb on anti-online, so I am going to finish going through all the relavant post - before I do anything. - The thing I know for sure is that I've been a complete retard up to now - pretty much everything right down to my hardware firewall was/is configured incorrectly. - yikes. The only things that I assume have kept me online (mostly by luck)- are zone-alarm & ad-aware which was gettting a hell of a workout until I dropped IE & switched to firefox on sunday. Also I've started running everything through metropipe www.metorpipe.net, that seems have helped out also. Does anyone know anything about metorpipe. (I think I'll start a new thread for that one.)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •