Prev Task List Next

Closing the Barn Doors

This is part of some remarks I've put together for friends
who are stuck with Windows. You should have read this first.

Set password

Front Door - Login Password

During the install of XP you set the administrator's password and then later you specified the name of a userid to be created. Now it's time to set a password for the account that was created (why didn't Microsoft force you to set a password?). Click on Start, then Control Panel and then User Accounts. Pick your account (there will only be one valid choice, 'Guest' is disabled, leave it that way). Now you can 'Create a password'. I always use the password I chose for the administrator. Whatever password you choose, just don't make it too trivial.


Back Doors

Windows intentionally has dozens of ways some knowledgeable person can run programs on your machine without you ever inviting them in or even knowing it is going on. The document describes how to shut some of the doors.

In theory, if you are on an isolated and protected network (e.g. at home with a router preventing the bad guys from knocking), you do not need to close any 'doors'. However, I'll claim it is worth closing these doors anyway. You never know when something will fail or an infected laptop will join your network and attack your home machine. If you are using this guide for a laptop, you definitely should follow these instructions.

Note there are legitimate reasons to allow some of these things to exist. Many are provided for sophisticated things that might be used at your work place or to allow machines to talk to each other - to share data. Very few, if any, of these things apply to you at home. However, if you just blindly follow the instructions here, something you want might break, so caveat emptor.

The following applies only to people who have XP installed. If you do not have XP, don't do this, you won't like the result.

Everything here can be undone, but undoing these things (e.g. re-opening the barn door) is not for the faint of heart. The first step is to disable various 'services' provided by Microsoft:

If you want to allow one of these, do not do the following, otherwise download and save the file WinXP-services.reg and then double click on it. If you don't know if you want these things, you probably don't. Ask your 'guru'. If you don't have a guru, then you don't need these and should apply the changes.

This next step sets 'policies' - rules to tell XP what to do when it gets network traffic. Our rules are:

Again, if you want to allow one of these, do not do the following. If you don't know anything about these things, you should probably follow these instructions. This is more clumsy to run because you must first get a tool from the XP CD that was not installed.

Prev Task List Next


Copyright (c) 2004 Terry Gliedt. Direct comments or questions to tpg@hps.com.
Be sure to use a subject of 'Coping with Windows' or your Email will likely be tossed out by my SPAM filters.
Last Revision: Dec 02, 2005