i like to go to www.tweakxp.com aswell not only does it have some security tweaks but tweaks for the look and feel and the performance of WindowsXP :)
Printable View
i like to go to www.tweakxp.com aswell not only does it have some security tweaks but tweaks for the look and feel and the performance of WindowsXP :)
In addition to the guest account, i found 3 additional accounts on my system, HelpAssisant, described as a "Remote Desktop Help Assistant Account", SUPPORT_388945a0, desc. "CN=Microsoft Corporation, L=Redmond,S=Washington, C=US", and VUSR_(my user name) desc VSA Server Account. ( a Vis Studio Analyzer server acct.) I disabled those as well.
Not sure what that second one does, but the first one is for the Interactive Remote Help thing that MS has on their WinXP Pro boxes. It's basically where you open up a port, let a MS tech person in, and they can see everything that you are doing and can instruct you that way, thus making it easier than just relying on descriptions from the caller/chatter. Just figured I'd tell ya what that was for, in case you want to re-enable it sometime if you have trouble.
nah, rather die than seek help from micro$atan. (besides, they wouldn't approve of how I obtained their OS)
One of the better reads on securing an Microsoft Operating System.
I have an offline copy of this file and its a great referance after install.
I just reinstalled my XP box.
Using this text and some more referances, this is what my netstat -an gives me:
Before:
After:Quote:
Active Connections
Proto Local Address Foreign Address State
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1026 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1035 0.0.0.0:0 LISTENING
TCP 0.0.0.0:5000 0.0.0.0:0 LISTENING
TCP 169.254.187.3:139 0.0.0.0:0 LISTENING
UDP 0.0.0.0:445 *:*
UDP 0.0.0.0:1036 *:*
UDP 127.0.0.1:123 *:*
UDP 127.0.0.1:1900 *:*
UDP 169.254.187.3:123 *:*
UDP 169.254.187.3:137 *:*
UDP 169.254.187.3:138 *:*
UDP 169.254.187.3:1900 *:*
thanks.Quote:
Active Connections
Proto Local Address Foreign Address State
Nice tutorial....
One thing that you may want to reconsider is EFS. It is based on a public/private key pair that is tied to each user account. The problem with this is that it is not designed to keep multiple users on the same box from seeing eachother's files. The other problem is that in order to make EFS work, you need to have a Recovery Agent. By default, this is the admin account. Now, if I get my hands on your server and I use a handy NT/W2K password reset diskette, I can look at *any* encrypted file even though I have changed the account password. Some may say that you can use a password floppy but this is also easilty defeated.
Anyway, just my two cents on EFS. You can read more about it here:
http://www.microsoft.com/windows2000...ty/encrypt.asp
:p
--TH13
Not sure if its still true but last time I played with efs, if you copied a file to a floppy drive it decrypted, and every time you moved it an unencrypted file was put in the temp directory...It also decrypted if sent over a network...Neat Idea poor implementation, very similar to most MS products.
I have to agree on the insecurity of EFS.
I had a setup dualboot with 2K and XP.
Decided to reinstall 2K which screwed up XP.
Not that bad cuz XP also needed a reinstall.
Now I had a user account defined that had her home directory ciphered.
After the reinstall I was unable to boot XP. The KB article that told how to recover the XP install was of no use cuz I had experienced with some things allready (fixboot IE).
Now I wanted the data back. Played around a bit read up on EFS a bit.
Booted to 2K, logged in as an admin and took ownership of the encrypted directory and all child objects (the dir WAS not accesible). This way I managed to recover the data.
Microsoft has the following to say about it:
So if you want to encrypt your files you better use a third party tool.Quote:
It is impossible to secure a computer that is not physically secure. An attacker that has physical access to a computer will eventually be able to break into it. Neither Windows 2000 nor any other operating system can change that.
http://www.microsoft.com/technet/tre...ws/Win2kHG.asp
thanks that was of a great help
Great tutorial Jehnny there were somethings in there that I did not not know. my boot up time is alot faster now thanks :)