May 31st, 2003, 18:22 PM
Guide to Windows Online Security & Privacy
Making your Windows OS more secure and improving your privacy online is an awkward enough process given the sheer number of things that can be done to improve it. In this guide we will cover many of such known solutions for various popular applications which should make your system more secure as well as less prone to viruses. The guide has been prepared to be aimed at Windows 2000/XP users, though a lot of the stuff contained also applies to earlier versions of the OS, in addition to Internet Explorer & Outlook Express.
Security Options Configuration
Once more click on Start, Run type in secpol.msc & click Ok. Expand Local Policies & select Security Options. There are many options in the security options editor that can be used to further tighten your system. Several options worth setting to Disabled being:
Interactive logon: Do not require CTRL+ALT+DEL.
Microsoft network client: Send unencrypted password to connect to third-party SMB servers.
Network access: Allow anonymous SID/name translation.
Network access: Let Everyone permissions apply to anonymous users.
Recovery console: Allow automatic administrative logon.
Recovery console: Allow floppy copy & access to all drives & all folders.
Whereas several options to consider setting to Enabled being:
Devices: Restrict CD-ROM access to locally logged-on user only.
Devices: Restrict floppy access to locally logged-on user only.
Interactive logon: Do not display last user name.
Microsoft network client: Digitally sign communications (if server agrees).
Network access: Do not allow anonymous enumeration of SAM accounts.
Network access: Do not allow anonymous enumeration of SAM accounts & shares.
Network security: Do not store LAN Manager hash value on next password change.
System objects: Strengthen default permissions of internal system objects (e.g., Symbolic Links).
View the Full Guide