Author: Eric "TweakHound" Vaughan & Allen "PCBruiser" Weil
Description: A guide for securing Windows XP
Edited by: Miles "Paragon" Cheatham
Published: April 23, 2005

Page 4 of 13

Windows XP

Securing Windows XP Vol. 1 - Version 2

Basic Steps to Installing XP Safely con't

System Restore

Windows XP has a feature called System Restore that backs up most of the system files. While this feature is far from perfect it can be effective in many situations. System Restore points are (usually) made automatically made "at the time of significant system events" such as when you install a new program or driver. You can also manually create a Restore Point. System Restore is not a true "uninstall" feature or backup. It only monitors and restores key parts of files and the system registry. It can however get you out a jam quickly.

To manually create/restore a restore point:

Go to Start > Programs > Accessories > System Tools > System Restore > click on Create a restore point and click Next > in the resulting screen type a name for the restore point, be descriptive i.e.: "b4 new video driver 12/03" then click Create.
To restore a system from a restore point: Go to Start > Programs > Accessories > System Tools > System Restore > click on Restore my system to an earlier time and click Next > choose the desired restore point and click Next.

Use a password for your account

Unfortunately XP allows you to not have passwords for your user accounts. Not having a password is a very quick way to get hacked. Ensure that all accounts have a password. Passwords should be a mix of letters (upper and lower case), numbers, and symbols. Valid symbols include: (` ~ ! @ # $ % ^ & * ( ) _ + - = { } | [ ] \ : " ; ' < > ? , . /). Passwords should not be dictionary words or proper names. Crackers run programs containing these and it won't take long for them to crack it. Make it hard to guess but easy for you to remember. The longer it is the harder it is to crack.

An example of a password strategy would be a phrase: In 84 i Graduated ! And 8 Years Later i Was Married :-(

Using the above strategy we get I84iG!A*YLiWM:-( . Not only is that extremely difficult to crack, with all the unprotected computers out there it isn't worth the attempt for most crackers. This may sound difficult to do and remember but it isn't. After typing it a few times it will be as easy to remember as your telephone number. Still, it is a good idea to back up your password.

Backup your user password (requires a floppy drive)

Go to Start > Settings > Control Panel > User Accounts > click on the name of the account whose password you wish to backup > in the next window, in the upper left of the screen click on "Prevent forgotten password", the Forgotten Password Wizard will launch. Simply follow the steps in this wizard. If you forget your password at startup XP will ask if you want to use this disk. ***Important -This disk contains the key to unlock your entire system. Lock it away in a safe location. Preferably in a room other than the one that computer is in.

Rename the Administrator account and disable the Guest account (Windows XP Professional only)

Crackers need both a password and a user name to get into your computer. Windows XP Pro comes with a default account called Administrator that has full privileges on your system and Guest that has limited privileges on your system. This gives crackers half of what they need to get into your computer.

Rename the Administrator Account: Go to Start > Settings > Control Panel > Administrative Tools > Computer Management > in the resulting screen in the left pane double-click Local Users and Groups and then double-click Users > in the right pane you'll see the Administrator account, right-click on it and choose Rename > enter a new name >. This account will have the same password as before. If you want to change the password or create one, right-click on the name you just created and choose Set Password... > a warning screen should appear, click the Proceed button > in the resulting screen fill in the password and click OK.
Disable the Guest Account: Now you are back at the Computer management screen. Right-click on the Guest account and choose Properties > in the resulting screen check the box that says Account is disabled > click Apply and OK. A red circle with an X should now be over the icon next to the Guest account.

Disable the Guest account(Windows XP Home): Go to Start > Settings > Control Panel > User Accounts > in the resulting screen click on Change an account > in the resulting screen click on the Guest account > in the resulting screen click on Turn off the guest account > close out the User Accounts screen.