Hardening your WinXP Box.

Status
Not open for further replies.

tek8

Hey everyone, just thought I'd put up a quick tutorial on how to harden up your WinXP machine. I use no third party utilities, and my OS is Windows XP x64 with Service Pack 2. I am using Windows Firewall from the Security Centre.

Basically, what you want to do is disable HOSTS/LMHOSTS poisoning, stop your computer from broadcasting NetBIOS information (your computer name, what domain/workgroup you belong to, etc.), and finally enable TCP/UDP port filtering on your connection.

First things first, let's disable HOSTS/LMHOSTS file poisoning. The HOSTS file is a pre-dated name resolution method, where you would resolve an IP address to a hostname. That is why if you open up your cmd.exe console, and type "ping localhost", it will show "pinging 127.0.0.1". You are pinging your loopback number, but instead of putting in the IP address, you can simply put in localhost. But this presents a security issue. Suppose you run a program, and it does what it is supposed to do, in the foreground. But in the background, it changes your HOSTS and LMHOSTS lookup file to point something like www.gmail.com to their own website, that looks exactly like the Gmail site. So when you open up your browser, and go to check your email, you log into a fake site, and the hacker now has your username and password. To prevent this, do the following:

Go to Network Connections, find your connection, right click > properties > TCP/IP > Properties > Advanced > WINS Tab

In the WINS tab, disable LMHOSTS lookup, and disable NetBIOS over TCP/IP.

Simple as that, right? Now let's do some port filtering. Go to the Options tab, and find TCP/IP Filtering, and hit Properties. Check Enable TCP/IP Filtering.

The following ports should be opened if you are just doing basic web browsing.

TCP/80 (HTTP)
TCP/443 (HTTPS)
TCP/20 (FTP)
TCP/21 (FTP)
TCP/53 (DNS)
UDP/53 (DNS)
TCP/7 (PING)


There you have it, a basic tutorial on hardening your Windows XP box.

-tek8
 
>First things first, let's disable HOSTS/LMHOSTS file poisoning.

There are valid reasons to have both of these files. To stop the poisoning,
just mark both of them R/O :)
 
:)

There are many ways to achieve that, I just prefer disabling the LMHOSTS lookup.
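
Added example, not part of the original thread: a small Python check for the HOSTS poisoning scenario described in the first post and the read-only suggestion in the reply. The sample file contents, the function names and the `allowed` parameter are constructed for illustration.

```python
import ipaddress
import os
import stat

# Constructed sample in HOSTS format (not taken from a real machine).
SAMPLE_HOSTS = """\
# sample hosts file
127.0.0.1      localhost
::1            localhost
203.0.113.10   www.gmail.com mail.example.test  # planted redirect
0.0.0.0        ads.example.test
not-an-ip      broken.example.test
"""

def parse_hosts(text):
    """Yield (line_number, address, hostname) for every mapping in the text."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop comments, split on whitespace
        if len(fields) < 2:
            continue                            # blank, comment-only or incomplete line
        for name in fields[1:]:                 # one address may carry several names
            yield lineno, fields[0], name.lower()

def suspicious_entries(text, allowed=()):
    """Return mappings that point a name at anything other than loopback or 0.0.0.0."""
    findings = []
    for lineno, address, name in parse_hosts(text):
        try:
            ip = ipaddress.ip_address(address)
        except ValueError:
            findings.append((lineno, address, name, "unparseable address"))
            continue
        # Loopback and 0.0.0.0 entries cannot send a login to a remote look-alike site.
        if ip.is_loopback or ip.is_unspecified or (address, name) in allowed:
            continue
        findings.append((lineno, address, name, "non-loopback mapping"))
    return findings

def is_read_only(path):
    """True when the file's write bit (the read-only attribute on Windows) is cleared."""
    return not (os.stat(path).st_mode & stat.S_IWRITE)

if __name__ == "__main__":
    for finding in suspicious_entries(SAMPLE_HOSTS):
        print(finding)
```

On Windows XP the file to feed in is `%SystemRoot%\system32\drivers\etc\hosts`. The read-only attribute can be cleared again by any process allowed to modify the file, so `is_read_only` reports a state rather than a guarantee.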
 