-
April 8th, 2006, 01:14 AM
#1
Windows XP Security Guide/Tutorial
As my tutorial/guide gets larger and more comprehensive... I have decided to ask for community contributions, not necessarily in information, but in ideas.
I will be circulating a very rough draft of it in the next few days. The information is mostly there, but it needs quite a bit of polishing. I am currently trying to contact a few select people to get permission to include parts of their work in my release, as I feel they have covered things better than I could, at least in terms of language and understandability.
I am now trying to figure out what areas to expand on.
Is there anything specific that the Antionline community would like to see? Although my tutorial is not going to be posted on Antionline for a number of reasons, I will post a link to it here, and do fully intend for the Antionline community to have full access and the ability to contribute to it.
I believe that this is going to become an ongoing project of mine, and I welcome community interaction.
So... What do y'all want to see covered in depth?
-
April 8th, 2006, 01:27 AM
#2
On a very basic but, I think, useful level, I would love to see instructions on migrating from a system that has been built up with the administrator account as primary to one that is locked down with a limited account, while maintaining settings, programs, etc. This is the entry point of your average user. Perhaps that could provide a larger framework for the more detailed parts.
-
April 8th, 2006, 07:09 AM
#3
Greetings
I couldn't find the original guide (by black viper) about services, but here is a good link:
http://www.tweakhound.com/xp/security/page_3.htm
It helps you decide which services to disable and enable. I think it's a good guide but not the most in-depth. Anyway, I think local policies will be a part I'm waiting for (you had mentioned that in a thread and I'm really curious).
Anyway, best of luck and thank you too. If you need any research to be done on any aspect of your article, please feel free to ask.
Parth Maniar,
CISSP, CISM, CISA, SSCP
*Thank you GOD*
Greater the Difficulty, SWEETER the Victory.
Believe in yourself.
-
April 8th, 2006, 09:39 AM
#4
K.I.S.S. (keep it simple, stupid).
“Everybody is ignorant, only on different subjects.” — Will Rogers
-
April 8th, 2006, 07:14 PM
#5
K.I.S.S. (keep it simple, stupid).
Simplicity is the idea here. I mean... All of the settings are easy to do, and easy to understand, right?
The difficulty comes in remembering the meaning of everything, and the location, etc.
The average user can understand these things, you just have to put it in their language. That's what I'm doing with this.
The "project" as it is, is going to be based at Unerror. I do not know whether it will be a single thread, its own forum, whatever. We'll see where it goes, and how it grows.
I have borrowed from a few sources in this, and am awaiting their permission before I publish anything, just to avoid any copyright issues. Proper credit has to be given, and I am certainly not doing this for any benefit to myself, other than an excuse to spend more time at the computer.
The biggest impedance to this project is the fact that I am a shitty writer.
ByteWrangler - Thank you for the link, I will be checking it out. Local services are a large part of local security.
Hesperus - I have considered that issue, and I am going to devote a section to that type of migration. The "Starting point" has been the most difficult part of this project, as there is no "default" configuration anymore. OEM installations differ greatly nowadays, and very few people actually do a full retail installation.
Still not entirely sure how I am going to work everything out, and it will be a while before a final draft is done, but I have organized most of it, and have been doing fill work. I never realized how long it takes to write out every damn MMC setting that I need them to make in an organized manner, especially given the fact that I cannot rely on "defaults." I actually have to specify what everything should be. God help them if they accidentally set their machine to Crash on Audit Failure... How many "Average" users can boot up as an admin and change that registry key back?...
Thank you for the suggestions, and I look forward to releasing this in a timely manner (Hopefully before Vista is outdated...)
-
April 8th, 2006, 09:26 PM
#6
Greetings
I read your thread at unerror.com about your article. I will start by providing basic configuration for Norton Anti virus (2005).
Start Norton anti-virus and click
>options
>> On the left hand side you'll see different aspects of the anti virus that you can configure.
1. Click on Auto-Protect on the left side and you'll notice that it gives you various advanced options.
2. On the first page (Auto-Protect) be sure the following are SELECTED:
Enable auto protect
Load Auto-protect when windows starts up
Comprehensive file scanning
Scan within compressed files (NOT SELECTED BY DEFAULT)
3. Click Advanced under AUTO-PROTECT
Be sure the following is selected:
Load auto-protect during system boot
4. Click exclusions under AUTO-PROTECT
and remove everything
5. Click MANUAL SCANNING ON THE LEFT HAND SIDE AND THEN BLOODHOUND
Select highest level of protection (will increase your scan time)
6. Under manual scanning select exclusions
remove everything here
** 7. Select Internet Worm Protection and UNCHECK "enable Internet worm protection", select permanently from the warning window that appears. ONLY DO THIS IF YOU HAVE A FIREWALL INSTALLED ON YOUR SYSTEM **
8. Click threat categories on the left hand side and see that all the categories are selected on the right hand side
9. Click threat categories and then exclusions, remove everything under here
10. Under misc. settings give your Norton anti-virus a password.
PS: I'll format this in a better way in the morning (it's 2:00 am here and I have tuitions at 8). Anyway, settings number 4 & 5 are only for the paranoid; you can leave them at default, as it will not have much effect.
PPS: I'll also write config articles for zonealarm and a few more if you want.
I can also take screen captures of all the settings and name them accordingly.
Just tell me if it's up to the mark for you.
Parth Maniar,
CISSP, CISM, CISA, SSCP
*Thank you GOD*
Greater the Difficulty, SWEETER the Victory.
Believe in yourself.
-
April 8th, 2006, 10:12 PM
#7
Yes, it's fine. Thank you.
The problem I run into with the third party apps is that not only do I have to download them, run them, and learn them, I also have to then write a small guide for them.
Any changes that have to be made will be made upon revisions to the guide. At this point, I just want everything to be put together. Technical review will show any incompatibilities. And the third party section is not a part of my guide exactly, it is merely included with the guide to alleviate confusion caused by not wanting to work with the tools I use in the guide.
If anyone wants to contribute, and you do not want to sign up at Unerror, just drop me a line at d0pp139an93r@gmail.com. And I will get back to you. I am obviously available at Antionline as well.
I do understand that there is a bit of a rift between AO and Unerror, and I certainly am not trying to encourage "defection" from one site to another. I merely want a focal point for the project, and it is far easier for me to work within Unerror than it is for me to work with AO, given that I am an Unerror mod, and have the ability to alter posts (namely mine) without worry of when it was made, or any other factor. The project is also meant to benefit Unerror, without taking away from any other site.
-
April 8th, 2006, 10:23 PM
#8
Hey d0pp
I am sure you're familiar with this site... Kellys Corner, there is a lot of useful info here...
Luck
PC Registered user # 2,336,789,457...
"When the water reaches the upper level, follow the rats."
Claude Swanson
-
April 12th, 2006, 06:48 AM
#9
Greetings
I found this for zonealarm
http://www.dslwebserver.com/main/sbs...configure.html
If you want I can change (edit) and add some more stuff to the entire guide. I can change the pics (screen shots).
Parth Maniar,
CISSP, CISM, CISA, SSCP
*Thank you GOD*
Greater the Difficulty, SWEETER the Victory.
Believe in yourself.
-
April 12th, 2006, 03:11 PM
#10
The problem is that everything here has to be original in order to avoid copyright/plagiarism issues.
Also, the copyright issue is why I am not willing to post this work directly on AO. They will have to deal with nothing more than a link to the CMS I have set up on the Unerror server. (URL to be announced later.)