Increasing Windows 2000 and XP Security<base href="http://www.atruereview.com/" /> <link rel="shortcut icon" href="http://www.atruereview.com/images/favicon.ico" /> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <link href="http://www.atruereview.com/templates/rt_versatility_iii/css/template_css.css" rel="stylesheet" type="text/css" /> <link href="http://www.atruereview.com/templates/rt_versatility_iii/css/style10.css" rel="stylesheet" type="text/css" /> <link href="http://www.atruereview.com/templates/rt_versatility_iii/slimbox/slimbox.css" rel="stylesheet" type="text/css" /> <link href="http://www.atruereview.com/templates/rt_versatility_iii/css/rokmoomenu.css" rel="stylesheet" type="text/css" />  <link rel="shortcut icon" href="http://www.atruereview.com/images/favicon.ico" /> <style type="text/css"> td.left div.moduletable, td.right div.moduletable, td.left div.moduletable-hilite1, td.right div.moduletable-hilite1, td.left div.moduletable-hilite2, td.right div.moduletable-hilite2, td.left div.moduletable-hilite3, td.right div.moduletable-hilite3, td.left div.moduletable-hilite4, td.right div.moduletable-hilite4, td.left div.moduletable-hilite5, td.right div.moduletable-hilite5, td.left div.moduletable-hilite6, td.right div.moduletable-hilite6, td.left div.moduletable-hilite7, td.right div.moduletable-hilite7, td.left div.moduletable-hilite8, td.right div.moduletable-hilite8 { width: 175px; } div.wrapper { margin: 0 auto; width: 868px;} </style> <script type="text/javascript" src="http://www.atruereview.com/templates/rt_versatility_iii/js/mootools.r462.js"></script> <script type="text/javascript" src="http://www.atruereview.com/templates/rt_versatility_iii/js/roktools.js"></script> <script type="text/javascript" src="http://www.atruereview.com/templates/rt_versatility_iii/js/mootools.bgiframe.js"></script> <script type="text/javascript" src="http://www.atruereview.com/templates/rt_versatility_iii/js/rokmoomenu.js"></script> <script type="text/javascript"> window.addEvent('domready', function() { new rokmoomenu($E('ul.nav'), { bgiframe: false, delay: 500, animate: { props: ['opacity', 'width', 'height'], opts: { duration:400, fps: 100, transition: Fx.Transitions.sineOut } } }); }); </script> </head> <body id="page_bg" class="f-default"> <script type="text/javascript" src="http://www.atruereview.com/templates/rt_versatility_iii/js/slimbox.js"></script> <div id="fxContainer"> <div id="fxTarget"> <div id="fxPadding" class="wrapper"> </div> </div>  </div> <div id="template" class="wrapper"> <div id="header"> <a href="http://www.atruereview.com" class="nounder"><img src="http://www.atruereview.com/images/blank.png" style="border:0;" alt="" id="logo" /></a> <div id="banner"> <div class="padding"> <form action="index.php?option=com_search&Itemid=5" method="get"> <div class="searchroflmao"> <input name="searchword" id="mod_search_searchword" maxlength="20" alt="search" class="inputboxroflmao" type="text" size="20" value="search..." onblur="if(this.value=='') this.value='search...';" onfocus="if(this.value=='search...') this.value='';" /> </div> <input type="hidden" name="option" value="com_search" /> <input type="hidden" name="Itemid" value="5" /> </form> </div> </div> </div> <div id="horiz-menu" class="moomenu"> <ul class="nav"> <li><a href="http://www.atruereview.com/">Home</a></li> <li><a href="http://www.atruereview.com/search.html">Search</a></li> <li><a href="http://atruereview.com/oldrev.php">Old Reviews</a></li> <li><a href="http://www.atruereview.com/atruereview/articles.php">Old Articles</a></li> <li><a href="http://www.atruereview.com/contact/contact.html">Contact</a></li> <li><a href="http://www.atruereview.com/links/links.html">Links</a></li> <li><a href="http://www.atruereview.com/accessories/2.html">Reviews</a></li> </ul> </div> <div id="top"> </div> <div class="clr" id="mainbody"> <table class="mainbody" cellspacing="0" cellpadding="0"> <tr valign="top"> <td class="left"> <div class="moduletable"> <h3> Main Menu </h3> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr align="left"><td><a href="http://www.atruereview.com/" class="mainlevel" >Home</a></td></tr> <tr align="left"><td><a href="http://www.atruereview.com/search.html" class="mainlevel" >Search</a></td></tr> <tr align="left"><td><a href="http://atruereview.com/oldrev.php" class="mainlevel" >Old Reviews</a></td></tr> <tr align="left"><td><a href="http://www.atruereview.com/atruereview/articles.php" class="mainlevel" >Old Articles</a></td></tr> <tr align="left"><td><a href="http://www.atruereview.com/contact/contact.html" class="mainlevel" >Contact</a></td></tr> <tr align="left"><td><a href="http://www.atruereview.com/links/links.html" class="mainlevel" >Links</a></td></tr> <tr align="left"><td><a href="http://www.atruereview.com/accessories/2.html" class="mainlevel" >Reviews</a></td></tr> </table> </div> <div class="moduletable"> </div> </td> <td class="mainbody"> <table class="sections" cellspacing="0" cellpadding="0"> <tr valign="top"> <td class="section w99"> <div class="moduletable"> </div> </td> </tr> </table> <div class="padding"> <h2 align="center"> <?php include '../banner.php' ?> </h2> <h2 align="center">Increasing Windows 2000 and XP Security</h2> <p align="left">Windows 2000 and Windows XP are a very strong server solution. Backwards compatibility, Microsoft's default assumptions, and improper configurations have created many security issues. There are a lot of unneeded services installed in Windows 2K and XP that take up extra resources and create security holes for hackers to attack your computer. This article will identify common security threats and services to disable. This article is written mainly on information for Windows 2000 but many of the same threats are in Windows XP as well.</p> <p align="left"><b> Windows Security Threats:</b></p> <p align="left">A properly configured Windows machine is a very secure machine. Writing an article on security could entail thousands of pages for each setting and how to defend against each type of attack. This article is meant to be a brief overview of the major steps a user or administer can take to gain a strong foothold in securing their Windows computer.</p> <p align="left">Editing the registry and disabling services can lead to problems. Make sure you double check all your edits and perform a backup before making major changes. Only change one setting at a time to allow for ease of recovery if a problem occurs.</p> <p align="left">Registry settings are edited with a program call regedit32. Click on the Start Menu > Run > type <strong>regedt32</strong></p> <p align="left">Services are turned on and off by the services.msc. Clock on the Start Menu > Run > type <strong>services.msc</strong></p> <dl> <dt><strong>Stop Null Sessions</strong></dt> <dd> This is the biggest security threat to Windows. Null sessions allow unwanted users to gain access to your computer. Null sessions are opened on NetBIOS ports 139 and 445. NetBios is Windows' default protocol for "File and Print Sharing." With automated tools, hackers will gain access to crucial system information such as accounts and passwords. NULL sessions are a built in communication share using an anonymous user and a NULL password on the NetBios port.</dd> <dd> </dd> <dd>The easiest way to stop NULL session is by disabling "File and Print Sharing" on all network devices. On XP go to Control Panel > Network Connections > Properties for each adapter. On Windows 2000 go to Control Panel > Network and Dial-up Connections and select the proper connection.</dd> <dd> </dd> <dd>If these services are required then make a registry entry to protect from sending sensitive data through the NetBios port. Open regedt32 from the Run Menu. Select HKEY_LOCAL_MACHINE > System > CurrentControlSet > Control > LSA. The key you want to edit is <strong>RestrictAnonymous. </strong>Change the value to a 1 or 2. A setting of 1 indicates that null connections are allowed but sensitive data is blocked being sent via the connection (only option available in NT4). A setting of 2 will disallow any NULL connections; this may conflict with some 3rd party software. There are a few hacking tools that will work on a level 1 setting and retrieve information. Reboot the machine when done. <br> <br> Another way to prevent access to port 139 is to disable NetBIOS over TCP/IP. Windows will cascade to port 445 to respond to NULL sessions and other requests.</dd> </dl> <dl> <dt><b>Disable SNMP services</b></dt> <dd>If null sessions are disabled, another easy way to gain system information is through public SNMP.<br> <br> If there are no programs using SNMP, disable this service. This is the easiest way protect against hacks and free up some memory.<br> <br> If SNMP access is needed, then set SNMP not to run in a public mode. Open the registry editor. Go to HKLM > System > CurrentControlSet > Services > SNMP > Parameters > ValidCommunities. Select Security> Permissions and change them to permit only approved users access.<br> <br> There is one more step to disabling public access to SNMP. Go to HKLM > System > CurrentControlSet > Services > SNMP > Parameters > ExtensionAgents and delete the value that contains the <b>LANManagerMIB2Agent</b>. Then rename the other entries to update the sequence, ie. 2, 3 etc. until the sequence begins with a 1.</dd> </dl> <dL> <dt><b>Disable Unused Services</b></dt> <dd>Disable all services that are not needed for system. Unused services only take up resources and allow attackers to use them or come through the ports they leave open.<br> <br> Disable Alerter and Messenger if they are not used for they give an attacker SYSTEM rights, basically the right to run anything on your computer.</dd> </dL> <p align="left"><a href="atruereview/Articles/winsecurity2.php"><next page></a><br> </p> <p align="left"> </p> </td> <td background="../Images/sidebackrt.jpg"width="25"> </td> </tr> <tr> <td width="25" background="../Images/botlftcor.jpg" height="23"></td> <td background="../Images/botback.jpg" height="23" width="490"></td> <td width="25" background="../Images/botrtcor.jpg" height="23"></td> <tr> </p> </div> </td> </tr> </table> </div> <div id="footer" class="clr"> <div class="rk-1"> <div class="rk-2"> <div id="the-footer">  </div> </div> </div> </div> </div> </body> </html>