This Windows XP tutorial is for those who are first time computer users or users who have had NO training. This is not a blind HOW TO. The first thing you need to know about computer security is that no matter how secure a system, if the system connects to another system it is vulnerable to attack. And by vulnerable I mean it’s there. Just like your car is vulnerable to theft, even though it’s locked away in your garage with the doors locked and the alarm on, someone can still try to steal it.
All words in bold are key words you should search on if you are interested in learning more about the topic.
Please post any questions in this thread and I will do my best to answer them. I will not respond to PM’s unless I post asking you to.
First of all, let me address something I’ve heard in bars, at parties, my parent’s house and all over the Web.
“Instead of using Windows, switch to something more secure like Linux”.
O.K. There are two problems with that statement.
First: Someone who just picked up their new PC from the local computer store is not going to be able to reinstall Windows much less any other Operating System (OS).
Secondly: Every flavour of *nix (like Linux, BSD, UNIX, etc) has its own unique flaws that can be exploited. It’s not just the OS you have to secure, as with any OS, but it’s also the Applications.
When it comes to which OS is more secure there is only one thing you must know. Microsoft is the biggest software company because THEY WERE FIRST TO MARKET! Let me say that again: FIRST TO MARKET.
Microsoft has the largest percentage of market share because it got there first. It beat Apple and IBM (the major software companies at the time). Microsoft got on the home PC and the rest is history. This is important because the virus writers and “Hackers” – in the beginning, wanted the prestige that came along with defacing, deleting and basically screwing up as many computers as they could with one piece of malicious software. Nowadays, the same types are turning toward making as much money as possible. So if you want to be a bad guy, what are you going to exploit? An operating system installed on 10% of the world’s computers or 90%? If you said 10% … well your program isn’t going to work anyway. The next thing to remember is that first to market means “ship the stuff and well fix the bugs later”. So in the beginning, Microsoft’s software wasn’t that good. But after gaining a dominant position in the market, Microsoft realized that, in order to keep it, they had to produce quality software, instead of quick, bug-ridden software.
Cookies, File Encryption, and Erasing Files.
Not really security as such, but privacy. Cookies are often discussed as a bad thing that steals your information. Well, here’s the scoop. Cookies are given to your computer browser when it visits a web site. When you check “remember me next time I log in”, the cookie is what remembers that. Now there are ways to modify a local cookie and use it to do bad things on the server, but that’s outside the scope of this tutorial. For the most part, don’t worry about cookies. However, a type of cookie can also be issued to you that will collect more data than you wish, but here’s the kicker: you have to visi a website run by unethical individuals. So avoid sites that offer free copies of Microsoft Office and other things that seem too good to be true. “There’s no such thing as a free lunch”. ‘Twas true before the Internet, will be true after the Internet. The most important thing to remember about cookies is that they can be deleted. If you’re reading this from a public computer – don’t forget to clear your browser’s cache!
Ports and Services.
So you’re trying to find out how to “secure” your PC and everything you read says turn off all unnecessary services and close unused ports. Yea RIGHT, what’s a port? Where are these services and how do I turn them off? Do this, give your PC the good ‘ol three finger salute – CTRL+ALT+DELETE (hold down the three keys at once). Now click on the Task Manager Button. Now click the Processes tab. You see all of those weird names listed in the box? Those are services, well at least some are. The majority of the Processes end with .exe, and control how you computer works. For example, see the services.exe process. services.exe is a part of the Microsoft Windows Operating System and manages the operation of starting and stopping other services. This process also deals with the automatic starting of services during the computers boot-up and the stopping of services during shut-down. Google or www.liutilities.com is a great resource for finding out what all of these services do. Be warned – if a virus ever used any of these services, that will be noted. Don’t freak out thinking you have a virus. I know of at least 50 viruses that infected or used the services.exe program.
Now before I get to showing you how, I have to explain what is known as TCP. This is not an exact description – but just a loose definition. The terminology is something you will need to research yourself as you get further along and become more comfortable with networking. I have put the keywords for your search in bold.