Please Scroll Down to See Forums Below 
.jpg "Research Chemical Sciences")
.png "Research Chemical Sciences")
TheProject
New member
Found this article in the latest PC Magazine, and thought some of this would be of interest to those running XP:
http://www.pcmag.com/article2/0,4149,895362,00.asp
1. Simple file sharing. Designed to let users share data across a network with just a few mouse clicks, this mode leaves you subject to a great number of NetBIOS vulnerabilities and information leaks. To disable simple file sharing, go to My Computer and click on Tools | Folder Options and the View tab. Scroll to the bottom and make sure Use simple file sharing (Recommended) is unchecked.
2. FAT32. Most hard drives in new PCs come formatted with the FAT32 file system. But you can make your PC more secure by converting to NTFS, which offers granular control of permissions for files and folders. Also, NTFS lets you use the Encrypting File System (EFS), which renders files unreadable to other users. To check your drive's file system, right-click on its icon in My Computer and select Properties. To convert to NTFS, make sure all your critical files are backed up and then go to Start | Run, type cmd, and click on OK. At the prompt, type convert x: /fs:ntfs (replace x with the correct drive or partition).
3. Guest account. Win XP's Guest account allows others to use your computer without giving them access to certain files or letting them install applications. Unfortunately, this feature has become a convenient entry point for hackers. If you don't need the Guest account, disable it. In Win XP Pro, go to Control Panel | Administrative Tools and click on Computer Management. Find Local Users and Groups in the left-hand pane and click on Users under it. In the right-hand pane, double-click the Guest account and check Account is disabled. You can't disable the Guest account in Win XP Home, but you can password-protect it using the trick we outlined in "Protecting Shared Folders in Windows XP Home"
4. Administrator account. Hackers often try to invade a PC using the account called Administrator. You always need at least one account with Administrator rights, but it doesn't have to bear that name. In either version of Win XP, assign total privileges to a different user name and disable Administrator. Further, in Win XP Home, make sure you change the default Owner account name. And don't forget to create strong passwords for all accounts.
5. Swap file. Normal Windows operation can leave unencrypted text (including passwords) on your machine, in files you would never think to look in—but a hacker might. The first thing to do is to set your machine to clear the system paging file (swap file) at shutdown. Go to the Start menu and click on Run, type regedit, and click on OK. Go to HKEY_local_machine\system\currentcontrolset\control\ sessionmanager\memory management. Find or create the ClearPageFileAtShutdown Dword and make its value 1.
6. Dump file. A dump file stores data from memory during a system crash and can be helpful when diagnosing problems, but like a swap file, it can also expose a lot of sensitive, unencrypted data. To prevent Windows from creating the file, go to Control Panel | System. Click on the Advanced tab and then the Settings button on the Startup and Recovery pane. Set the drop-down menu under Write debugging information to (none). Similarly, the debugging program Dr. Watson saves information when applications crash. To disable it, go to HKEY_local_machine\software\Microsoft\WindowsNT\ CurrentVersion\AeDebug and set the Auto string to 0. Then use Windows Explorer to go to Documents and Settings\All Users\Shared Documents\DrWatson. Delete User.dmp and Drwtsn32.log, the insecure logs the program creates.
7. POSIX. Windows XP still ships with a subsystem called POSIX, which allows the use of Unix commands. Disabling POSIX prevents hackers from using Unix commands against your system. Go to Run and type regedt32 (not regedit). Find HKEY_ local_machine\system\currentcontrolset\control\Session Manager\SubSystems and click on the multistring called Optional in the right-hand pane. By default, the multistring's value will be POSIX; delete that value and leave the space empty (but don't delete the Optional multistring). Then click on the actual POSIX multistring in the same pane. Note that it points to a file in your Windows System32 directory called Psxss.exe. Delete that file using Windows Explorer, use the Registry Editor to delete the POSIX string, and then reboot.
http://www.pcmag.com/article2/0,4149,895362,00.asp
1. Simple file sharing. Designed to let users share data across a network with just a few mouse clicks, this mode leaves you subject to a great number of NetBIOS vulnerabilities and information leaks. To disable simple file sharing, go to My Computer and click on Tools | Folder Options and the View tab. Scroll to the bottom and make sure Use simple file sharing (Recommended) is unchecked.
2. FAT32. Most hard drives in new PCs come formatted with the FAT32 file system. But you can make your PC more secure by converting to NTFS, which offers granular control of permissions for files and folders. Also, NTFS lets you use the Encrypting File System (EFS), which renders files unreadable to other users. To check your drive's file system, right-click on its icon in My Computer and select Properties. To convert to NTFS, make sure all your critical files are backed up and then go to Start | Run, type cmd, and click on OK. At the prompt, type convert x: /fs:ntfs (replace x with the correct drive or partition).
3. Guest account. Win XP's Guest account allows others to use your computer without giving them access to certain files or letting them install applications. Unfortunately, this feature has become a convenient entry point for hackers. If you don't need the Guest account, disable it. In Win XP Pro, go to Control Panel | Administrative Tools and click on Computer Management. Find Local Users and Groups in the left-hand pane and click on Users under it. In the right-hand pane, double-click the Guest account and check Account is disabled. You can't disable the Guest account in Win XP Home, but you can password-protect it using the trick we outlined in "Protecting Shared Folders in Windows XP Home"
4. Administrator account. Hackers often try to invade a PC using the account called Administrator. You always need at least one account with Administrator rights, but it doesn't have to bear that name. In either version of Win XP, assign total privileges to a different user name and disable Administrator. Further, in Win XP Home, make sure you change the default Owner account name. And don't forget to create strong passwords for all accounts.
5. Swap file. Normal Windows operation can leave unencrypted text (including passwords) on your machine, in files you would never think to look in—but a hacker might. The first thing to do is to set your machine to clear the system paging file (swap file) at shutdown. Go to the Start menu and click on Run, type regedit, and click on OK. Go to HKEY_local_machine\system\currentcontrolset\control\ sessionmanager\memory management. Find or create the ClearPageFileAtShutdown Dword and make its value 1.
6. Dump file. A dump file stores data from memory during a system crash and can be helpful when diagnosing problems, but like a swap file, it can also expose a lot of sensitive, unencrypted data. To prevent Windows from creating the file, go to Control Panel | System. Click on the Advanced tab and then the Settings button on the Startup and Recovery pane. Set the drop-down menu under Write debugging information to (none). Similarly, the debugging program Dr. Watson saves information when applications crash. To disable it, go to HKEY_local_machine\software\Microsoft\WindowsNT\ CurrentVersion\AeDebug and set the Auto string to 0. Then use Windows Explorer to go to Documents and Settings\All Users\Shared Documents\DrWatson. Delete User.dmp and Drwtsn32.log, the insecure logs the program creates.
7. POSIX. Windows XP still ships with a subsystem called POSIX, which allows the use of Unix commands. Disabling POSIX prevents hackers from using Unix commands against your system. Go to Run and type regedt32 (not regedit). Find HKEY_ local_machine\system\currentcontrolset\control\Session Manager\SubSystems and click on the multistring called Optional in the right-hand pane. By default, the multistring's value will be POSIX; delete that value and leave the space empty (but don't delete the Optional multistring). Then click on the actual POSIX multistring in the same pane. Note that it points to a file in your Windows System32 directory called Psxss.exe. Delete that file using Windows Explorer, use the Registry Editor to delete the POSIX string, and then reboot.
