Close Back Doors in Windows XP

Windows XP includes several features that will enable you to implement a reasonable level of security without purchasing additional software or hardware. Unfortunately, Windows is not configured for optimal security by default. The following steps will help you close some of these "back doors:"

i) By default, the file sharing service is enabled for Internet connections, but in most cases, there's no reason for this. Open the Network Connections window, right-click the icon corresponding to your Internet connection, and select Properties. In the General tab, clear the checkmark next to the File and Printer Sharing for Microsoft Networks entry, and then click OK. If you have more than one Internet connection icon, repeat this procedure for each of the others. Make sure to leave it enabled for the connection to your workgroup (if applicable).

ii) One of the main reasons to set up a workgroup is to share files and printers with other computers. But it's wise to only share those folders that need to be shared, and disable sharing for all others.

A feature called Simple File Sharing, which could allow anyone, anywhere, to access your personal files without your knowledge, is turned on by default in Windows XP. Go to Control Panel Folder Options View tab, and turn off the Use simple file sharing option.

iii) Another feature, called Universal Plug-and-Play (UPnP), can open additional vulnerabilities on your system. UPnP would more aptly be called Network Plug & Play, since it only deals with network devices. UPnP is a collection of standards that allow such devices to announce their presence to UPnP servers on your network, much in the same way as your PnP sound card announces its presence to Windows when you boot your system.

Windows XP supports UPnP out of the box, which, on the surface, sounds like a good idea. However, UPnP is a service that most users don't need, and unless you specifically need to connect to a UPnP device on your network, you should disable UPnP on your system immediately. Leaving a service like UPnP running unnecessarily exposes your system to several security threats.

To disable UPnP, open the Services window (services.msc). Find the SSDP Discovery Service in the list and double-click it. Click Stop to stop the service and change the Startup type to Disabled to prevent it from loading the next time Windows starts. Click OK and then do the same for the Universal Plug and Play Device Host. Close the Services window when you're done.

iv) The Remote Desktop feature, is enabled by default in Windows XP. Unless you specifically need this feature, it should be disabled. Go to Control Panel System Remote tab, and turn off both of the options in this window.

v) Make sure each and every user account on your system has a unique password. Even though you may not be concerned about security between users, unprotected accounts can be exploited by an attack over a network.

vi) Set up a firewall, as described in the next section, to further protect your computer by strictly controlling network traffic into and out of your computer.

vii) Finally, look for vulnerabilities in your system by scanning for open ports, as described at the end of this chapter.