TechNet Support webcast: Make your Windows XP PC more secured

Check for the Windows updates periodically:

Windows updates helps you to keep your PC more secured. However, most of the users doesn't get time to install the updates. The Automatic update feature made this task simple. Ensure that the Automatic update option is turned on.

Right-click My Computer.
Click Properties.
Click Automatic updates, and turn it on.

This will download the available Windows updates automatically. However, this feature prompts the user to install the updates whenever they are available. This is common for both critical updates, and minor updates. To make the installation automated for minor updates, modify the following registry entry:

HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate\AU

Change the "AutoInstallMinorUpdates" DWord value to 1.

0 = False (Treat minor updates like other updates)
1 = True (Silently install minor updates)

Setup a password to the guest user:

One of the good features in Windows is the availability of the Guest user, which does not prompt to enter a password. Even though the Guest user has limited access, there are possibilities for unknown PC access. However, it is recommended to either disable or setup a password for the Guest user.

Go to the command prompt, type "Net user guest *" and enter the Password twice to enable to password for the Guest user. Alternatively, you can Computer Management, Local Users and groups, Users in the Computer Management window, right-click Guest user in the right pane and click Set Password. Go through the wizard to set the password.

Rename the Administrator account:

Attackers will always try to have a complete control of the machine. Any attacker will know that Windows creates an Administrator account during installation. The easiest way to get that level of access is to target the Administrator account. Renaming the administrator account makes it slightly more difficult for unauthorized persons to guess this privileged user name and password combination. To rename the Administrator account follow these steps:

Right-click My Computer and select Manage
Click the + next to Local Users and Groups
Click the Users folder
Right-click the Administrator account and select Rename
Assign a new name.

It is recommended to use a name that does not provide any clue that the account is the Administrator account. Double-click the newly renamed Administrator account and delete or revise the Description of the user account.

Enable the "Warn me when other applications try to send mail as me" option in Outlook Express:

Many Internet users like to store their communication offline and use Outlook Express as the email client. However, some freeware and malicious script will generate and sends an email to the hacker and gives the identity of the user. Similar to Outlook XP, Outlook Express 6.0 now has a security feature that can alert you if any program tries to send an email. When this happens, you will receive the following message for each message you try to send. To disable this warning, perform the following:

Open Outlook Express.
Click Tools, Options.
Click Security Tab.
Check the "Warn me when other applications try to send mail as me option."
Click OK.
 
Use alpha-numeric passwords:

A normal password can be hacked easily. Hence, experts always recommend to include alphabets, and numbers in the password. Unfortunately, this limitation is not available in the password rules of Windows XP Operating System. However, you can force the password to be alpha-numeric. Change the following registry entry:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Network

Double-click AlphanumPwds key and change the value to 1.

NOTE: If this key does not exist, you may need to create this key.

Disable Last user login name display:

When you press Ctrl + Alt + Del, by default Windows displays the last username, who has logged in to the PC. This helps the hackers to login to the user account by using some password guesses. We can make Windows not to remember the last logged in username. Go to Administrative Tools, double-click Local Security Policy option, Select Security Options under Local Policies, right-click the "Interactive logon: Do not display last user name" option and select Properties.and Enable it.

Disable access to removable storage media:

Now users are giving importance to storage gadgets. Many tiny gadgets like thumb Drives, and a vide range of memory cards are available in the market using with data can be copied very easily and fastly, which can be a disadvantage.

Now, a new feature has been added to Windows XP SP 2, which will prevent the write operations to USB block storage devices, such as memory sticks. When this option is enabled, the devices function only as read-only devices. To enable this option, modify the following registry entry:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\

Double-click "StorageDevicePolicies" and change the DWord value to 1.

0 - Disabled
1 - Enabled