Windows XP/Practical Steps
Provide Physical Security for the machine
This is self-evident. To prevent people from using your computer(s), deny them physical access. If you want to limit or monitor computer usage, physically monitor what they are doing with your computer! These simple steps alone can reduce a large number of potential threats.
Disable or Delete Unnecessary Users
Disable any accounts that are not used. For example always disable the Guest account (disabled by default on brand new computers or a "fresh" Windows XP install).
There are two ways to disable a user in Windows XP.
(a) Start >> Settings >> Control Panel [the control panel window should appear] >> User Accounts [the User Accounts window should appear] in the User accounts window there are two headings: "Pick a Task..." and "or pick an account to change". If you select the user you want to disable under "pick an account to change" new links will appear. Choose "Turn off the [username] account".
(b) Start >> Run... >> Enter "lusrmgr.msc" >> Click "Users" >> Double-click the user you want to disable, check the "Account is Disabled" box and click "Ok".
Additionally it may well be worth renaming the "Administrator" account as this may be targeted in any attempt to breach security or run/install programs. There are two methods.
|XP Home Edition||XP Professional Edition|
At a command prompt type control userpasswords2. Select Administrator and click on Properties. Change the user name, NOT the full name.
Remove Unnecessary Windows Services
A service is a privileged program that is loaded on startup and provides some low-level functionality in the background. It can be started and stopped on request (via the Control Panel >> Administrative tools >> Services window).
Unneeded Windows services use up a (small) amount of resources, but may also cause problems. For example, if you do not use TELNET you can disable the service so as to deny other people an opportunity to remotely log on your computer and send commands to it to see what happens.
The Windows Messenger service (nothing to do with the popular chat program) is a typical nuisance. It allows you to send/receive messages over a network (using the net send command). The text appears in a dialog box on the target computers' screens. People can thus spam the Internet with annoying messages.
Deactivating unneeded Windows services requires some caution, since stopping the wrong services may render your computer unusable. Be sure of what you're doing. A useful tool in this respect is Starter by Codestuff. This is free and allows you to deal with both Startup items and Services (and links to internet searches for items). While care is needed security can be improved as well as start up time.
To modify services select Start >> Run... >> type "services.msc" and click Run (this is a shortcut). Right click the service you wish to modify in the list to access options such as Disable.
Keep Your OS Updated
Security vulnerabilities are continuously discovered and exploited by virus writers and crackers. Microsoft's policy is to regularly release cumulative patches, available on the Windows Update site. Since SP2 Windows also has an Automatic updates feature (to find it right click on My Computer, choose Properties, select the Automatic updates tab).