Written by Oliver Korioth
Introduction
We all know the Internet is a vast resource of information, entertainment, and education right at your fingertips, where everything is just a click away. As you no doubt have heard, along with the good things online there are plenty of dark corners as well. Don’t be fooled into thinking you will just avoid the bad guys and be safe, because they will surely be looking out for you! Hackers, Viruses, Worms, Phishing scams, oh my! Some of these pitfalls could be waiting around the corner for you. Through this article series I hope to give simplified explanations of how things work, and what steps you should take in preparing your computer for a safer online experience.
How to properly setup Windows XP
Chances are if you have purchased a new computer in the last 5 years it is running Windows XP from Microsoft. XP comes in two flavors, Home and Professional, for the purposes of this paper they are one and the same. There are a few added features in Pro intended for the corporate environment which goes beyond the scope of this document.
User Accounts
The most important thing about Windows XP, and this is true for the vast majority of installations and upgrades, by default all user accounts on the system have Administrator privileges. What this means is that the user has full access rights to the entire system, which then allows you to make changes to all aspects of the machine from files and folders, to how it behaves. This also opens up the possibility for malware, viruses and worms to infect the machine and make changes to the system without your knowledge on your behalf.
The second gotcha with Windows XP, on top of giving Admin rights to all user accounts is that they do not have a password set by default. Essentially, this is like leaving the door unlocked to your house. Anyone would be able to come in the door with relative ease, the same with your computer system.
So what can be done about this problem? Simple! If you have multiple users on a machine it would be a good idea to limit which accounts have administrator rights. The less accounts that have full control of the machine, the better.
Changing User Privileges and Passwords
Everything covered in this section can be done via the Control Panel. To find the control panel click on the Start button on the lower left hand side of the menu bar (called the Taskbar) and mouse over to the Control Panel icon. When the Control Panel opens click on the User Accounts icon. This will open another box that looks like this:
Select the ‘Change an account’ option which will open a dialogue with a listing of all the user accounts. For each account you want to restrict, select the user and choose ‘Change the account type’ and choose the ‘Limited’ radio button, then ‘Change account type button’. Once finished it will go back to the user account screen.
Next we want to add a password to the account, so select the ‘Create a password’ option from the list. A new page will open allowing you to add a password, retype it, and provide a password hint in case you forget it. Choose the ‘Create password’ button to complete the process.
A special note about passwords in Windows (and online for that matter). Make sure the password you choose is complex and not easy to guess. For example do not make passwords with your name, a simple word or other easily identifiable method. It is best to use a mix of numbers, symbols, letters (upper and lower case), and to make it as long as possible (up to 127 characters!). The longer it is, the harder it will be for an attacker to guess and or brute force crack the password. At the bare minimum you should have 8 characters. Now the next time you log onto the machine it will ask for your password.
Next Steps…
Windows Built in Firewall
If you are running Windows XP Service Pack 2, Microsoft has added some additional features to protect your computer. If you are not sure if you have Service Pack 2 there is an easy way to tell if it is installed. Click on Start, choose Control Panel. Look for an icon called ‘System’. Double click on it and a new box will open. Right on the General Tab it will state the type of operating system version you have and the service pack level.
If it says anything else besides Service Pack 2, then it is imperative you download this update. It is free of charge and I recommend a high speed connection because the file is quite large, a regular modem connection would take all day to download this update. You can get it from here:
http://www.microsoft.com/windowsxp/sp2/default.mspx
Regardless of whether or not you already run a software firewall, you should get this update anyway because there are many security fixes and improvements included with this release. Plus Microsoft is dropping support for any older versions of Windows XP in October 2006.
What is a firewall?
To put it simply, a firewall is a piece of software or hardware that blocks out unwanted network traffic from getting into either your network or computer. It is essentially the locked front door to your computer. It keeps the bad guys out and we can let in the good guys if we so choose. This is your first line of defense when connecting to the Internet.
So it is imperative that this software has been turned on. Once again go to the Control Panel and look for the Windows Firewall icon. Double click it to open, it should look like this:
Just make sure it is turned on and click OK. That’s all there is too it. If you are running any sort of Anti Virus suite such as from McAfee or Norton, chances are there already is a firewall running, so this built in one may be turned off. That’s fine, as long as the 3 rd party software is working properly you should be protected.
Windows Update
While we’re in here, let’s make sure that the Windows Update utility is setup as well. This is a very handy tool to have. Instead of having to check with Microsoft for any security updates, it does it for you. Unfortunately, by default, it is set to check at 3am, not exactly a time most of us have a computer running.
Double click the Windows Updates icon in control panel. Hopefully the Automatic setting is selected, and the time to download is probably 3 am. Just change the time to something during the day and click OK.
A few minutes after this is done you may notice a new icon down by the taskbar begging for your attention to install the latest updates. Great! Now you know its working.
Almost finished…
So hopefully I haven’t lost you yet and your computer is now humming along nicely. These first 3 steps are very important, but we aren’t quite finished yet. Microsoft only provides a minimum amount of protection and we still need to cover all the bases. In the next part I will explain some additional pieces of software that you will need to setup in order to completely protect the computer.
Questions? Comments? Please let me know!
Oliver Korioth
okorioth@kortechservices.com
©2006 Kortech Services Article may not be used without permission.
