Windows XP Security Guide/Tutorial

[Synja]

As my tutorial/guide get larger and more comprehensive... I have decided to ask for community contributions, not necessarily in information, but in ideas.

I will be circulating a very rough draft of it in the next few days. The information is mostly there, but it needs quite a bit of polishing. I am currently trying to contact a few select people to get permission to include parts of their work in my release, as I feel they have covered things better than I could, at least in terms of language and understandability.

I am now trying to figure out what areas to expand on.


Is there anything specific that the Antionline community would like to see? Although my tutorial is not going to be posted on Antionline for a number of reasons, I will post a link to it here, and do fully intend for the Antionline community to have full access and the ability to contribute to it.

I believe that this is going to become an ongoing project of mine, and I welcome community interaction.


So... What do y'all want to see covered in depth?

[hesperus]

On a very basic but, I think, useful level, I would love to see instructions on migrating from a system that has been built up with the administrator account as primary to one that is locked down with a limited account, while maintaining settings, programs, etc. This is the entry point of your average user. Perhaps that could provide a larger framework for the more detailed parts.

[ByTeWrangler]

Greeting's

I couldn't find the original guide (by black viper) about service's but here is a good link :

http://www.tweakhound.com/xp/security/page_3.htm

It help you decide which servie's to disable and enable. I think its a good guide but not the most indepth. Anyway I think local policies will be a part I'm waiting for ( You had mentioned that in a thread and I'm really curious)

Anyway Best of luck and thank you too. If you need any re-search to be done on any aspect of your article please feel free to ask.

[brokencrow]

K.I.S.S. (keep it simple, stupid).

[Synja]

K.I.S.S. (keep it simple, stupid).

Simplicity is the idea here. I mean... All of the settings are easy to do, and easy to understand, right?

The difficulty comes in remembering the meaning of everything, and the location, etc.


The average user can understand these things, you just have to put it in their language. That's what I'm doing with this.


The "project" as it is, is going to be based at Unerror. I do not know whether it will be a single thread, it's own forum, whatever. We'll see where it goes, and how it grows.

I have borrowed from a few sources in this, and am awaiting their permission before I publish anything, just to avoid any copyright issues. Proper credit has to be given, and I am certainly not doing this for any benefit to myself, other than an excuse to spend more time at the computer

The biggest impedance to this project is the fact that I am a shitty writer


ByteWrangler - Thank you for the link, I will be checking it out. Local services are a large part of local security.

Hesperus - I have considered that issue, and I am going to devote a section to that type of migration. The "Starting point" has been the most difficult part of this project, as there is no "default" confiuguration anymore. OEM installations differ greatly nowadays, and very few people actually do a full retail installation.

Still not entirely sure how I am going to work everything out, and it will be a while before a final draft is done, but I have organized most of it, and have been doing fill work. I never realized how long it takes to write out every damn MMC setting that I need them to make in an organized manner, especially given the fact that I cannot rely on "defaults." I actually have to specify what everythign should be. God help them if they accidently set their machine to Crash on Audit Failure... How many "Average" users can boot up as an admin and change that registry key back?...

Thank you for the suggestions, and I look forward to releasing this in a timely manner (Hopefully before Vista is outdated...)

[ByTeWrangler]

Greeting's

I read your thread at unerror.com about your article, I will start by providing basic configuration for Norton Anti virus (2005).


Start Norton anti-virus and click
>options

>> On the left hand side you'll see different aspects of the anti virus that you can configure.
1. Click on Auto-Protect on the left side and you'll notice that it give's you various advanced options.

2. On the first page (Auto_protect) be sure following are SELECTED :

Enable auto protect
Load Auto-protect when windows starts up
Comprehensive file scanning
Scan within compressed files (NOT SELECTED BY DEFAULT)

3. Click Advanced under AUTO-PROTECT

Be sure following is selected :

Load auto-protect during system boot

4. Click exclusions under AUTO-PROTECT

and remove everything

5. Click MANUAL SCANNING ON THE LEFT HAND SIDE AND THEN BLOODHOUND

Select highest level of protection (will increase your scan time)

6. Under manual scanning select exclusions

remove everything here


** 7. Select Internet Worm Protection and UNCHECK "enable Internet worm protection", select permanently from the warning window that appears. ONLY DO THIS IF YOU HAVE A FIREWALL INSTALLED ON YOUR SYSTEM" **


8. Click threat categories on the left hand side and see that all the categories are selected on the right hand side

9. Click threat categories and then exclusions remove everything under here

10. Under misc. setting give your Norton anti-virus a password.



PS I'll format this in the better way in the morning (its 2:00 am here and I have tuition's at 8) anyway Setting's number 4 & 5 are only for the paranoid you can leave it to default, as it will not have much effect.

PPS : I'll also write config articles for zonealarm and few more if you want.

I can also take screen carture's of all the settings and name them accordingly.

Just tell me if its upto the mark for you.

[Synja]

Yes, it's fine. Thank you.


THe problem I run into with the third party apps is that not only do I have to download them, run them, and learn them, I also have to then write a small guide for them.


Any changes that have to be made will be made upon revisions to the guide. At this point, I just want everything to be put together. Technical review will show any incompatabilities. And the thrid party section is not a part of my guide exactly, it is merely included with the guide to alleviate confusion caused by not wanting to work with the tools I use in the guide.


If anyone wants to contribute, and you do not want to sign up at Unerror, just drop me a line at d0pp139an93r@gmail.com. And I will get back to you. I am obviously available at Antionline as well.

I do understadnthat there is a bit of a rift between AO and Unerror, and I certainly am not trying to encourage "defection" from one site to another. I merely want a focal point for the project, and it is far easier for me to work within Unerror than it is for me to work with AO, given that I am an Unerror mod, and have the ability to alter posts (namely mine) without worry of when it was made, or any other factor. The project is also meant to benefit Unerror, without taking away from any other site.

[dalek]

Hey d0pp

I am sure your familiar with this site..Kellys Corner there is a lot of useful info here...


Luck

[ByTeWrangler]

Greeting's

I found this for zonealarm

http://www.dslwebserver.com/main/sbs...configure.html

If you want I can change (edit) and add some more stuff to the entire guide. I can change the pics (screen shots).

[Synja]

The problem is that everything here has to be original in order to avoid copyright/plagiarism issues.


Also, the copyright issue is why I am not willing to post this work directly on AO. They will have to deal with nothing more than a link to the CMS I have setup on the Unerror server. (URL to be announced later.)