M
mattv
Hi all,
I am trying to collate various information around the net on how to
rebuild XP hardened. Please see below my list so far. I would
appreciate any comments, feedback or additions that could help me on
this journey.
Cheers
Rebuild Microsoft Windows XP SP2 - Hardened
1. Disconnect network cable
2. Install OS
3. Patch OS (download before rebuild)
4. Adjust swap file - stripe across drives and fix size
5. Disable error reporting
6. Disable TCP/IP
a. Disable netbios over tcp/ip {no side effect unless u using
netbios names} goto start--->control panel ---->network and internet
connections --->network connections right click on your (local ,
whatever u use) connection and goto properties right click tcp/ip goto
options , click on advanced and select the tab WINS, clear the
disable netbios over tcp/ip checkbox.
7. Disable (better uninstall) client for microsoft networks and file
and printer sharing.
8. Harden OS
a. Update Hosts File
b. Disable the Guest Account & Extra accounts
c. Uncheck Indexing Tab
d. Disable admin shares
e. Disable the welcome Screen
f. Password protect accounts
g. Set Clear virtual memory page file
h. Turn off Simple File sharing
i. Disable Services
i. Alerter
ii. Application Layer Gateway Service
iii. ClipBook
iv. Computer Browser
v. Distributed Link Tracking Client
vi. Distributed Transaction Coordinator
vii. DNS Client
viii. Error Reporting Service
ix. Fast User Switching Compatibility
x. FTP Publishing service
xi. Indexing Service
xii. IMAPI CD-Burning COM
xiii. IPSEC Services
xiv. Messenger
xv. Net Logon
xvi. NetMeeting Remote Desktop Sharing
xvii. Network DDE
xviii. Network DDE DSDM
xix. Network Location Awareness
xx. Network Provisioning Service
xxi. Performance Logs and Alerts
xxii. QoS RSVP
xxiii. Remote Registry
xxiv. Routing and Remote Access
xxv. Secondary Logon
xxvi. Server
xxvii. Smart Card
xxviii. Smart Card Helper
xxix. SNMP Service
xxx. System Event Notification
xxxi. TCP/IP NetBIOS Helper
xxxii. Telnet
xxxiii. Terminal Services
xxxiv. Uninterruptible Power Supply
xxxv. WebClient
xxxvi. Wireless Zero Configuration
xxxvii. WMI Performance Adapter
9. Install graphics driver
10. Install Utilities
a. IZARC
b. CCleaner
11. Install Internet utilities
a. Firefox
12. Install multimedia apps
a. Nero
b. DVD Shrink
13. Install security applications
a. CCleaner
b. Windows defender
c. AVG Free
d. AVG anti Spyware
e. Sandboxie
f. Spybot
g. Ad Aware
h. Spyware Guard
i. A2 Free
j. Heidi Eraser
k. Sunbelt Personal Firewall
l. Safe XP
m. MRU blaster
n. XP Antispy
14. Prevent not-needed programs from starting up
a. Run > msconfig > Start-up > Uncheck unneeded start-up items
I am trying to collate various information around the net on how to
rebuild XP hardened. Please see below my list so far. I would
appreciate any comments, feedback or additions that could help me on
this journey.
Cheers
Rebuild Microsoft Windows XP SP2 - Hardened
1. Disconnect network cable
2. Install OS
3. Patch OS (download before rebuild)
4. Adjust swap file - stripe across drives and fix size
5. Disable error reporting
6. Disable TCP/IP
a. Disable netbios over tcp/ip {no side effect unless u using
netbios names} goto start--->control panel ---->network and internet
connections --->network connections right click on your (local ,
whatever u use) connection and goto properties right click tcp/ip goto
options , click on advanced and select the tab WINS, clear the
disable netbios over tcp/ip checkbox.
7. Disable (better uninstall) client for microsoft networks and file
and printer sharing.
8. Harden OS
a. Update Hosts File
b. Disable the Guest Account & Extra accounts
c. Uncheck Indexing Tab
d. Disable admin shares
e. Disable the welcome Screen
f. Password protect accounts
g. Set Clear virtual memory page file
h. Turn off Simple File sharing
i. Disable Services
i. Alerter
ii. Application Layer Gateway Service
iii. ClipBook
iv. Computer Browser
v. Distributed Link Tracking Client
vi. Distributed Transaction Coordinator
vii. DNS Client
viii. Error Reporting Service
ix. Fast User Switching Compatibility
x. FTP Publishing service
xi. Indexing Service
xii. IMAPI CD-Burning COM
xiii. IPSEC Services
xiv. Messenger
xv. Net Logon
xvi. NetMeeting Remote Desktop Sharing
xvii. Network DDE
xviii. Network DDE DSDM
xix. Network Location Awareness
xx. Network Provisioning Service
xxi. Performance Logs and Alerts
xxii. QoS RSVP
xxiii. Remote Registry
xxiv. Routing and Remote Access
xxv. Secondary Logon
xxvi. Server
xxvii. Smart Card
xxviii. Smart Card Helper
xxix. SNMP Service
xxx. System Event Notification
xxxi. TCP/IP NetBIOS Helper
xxxii. Telnet
xxxiii. Terminal Services
xxxiv. Uninterruptible Power Supply
xxxv. WebClient
xxxvi. Wireless Zero Configuration
xxxvii. WMI Performance Adapter
9. Install graphics driver
10. Install Utilities
a. IZARC
b. CCleaner
11. Install Internet utilities
a. Firefox
12. Install multimedia apps
a. Nero
b. DVD Shrink
13. Install security applications
a. CCleaner
b. Windows defender
c. AVG Free
d. AVG anti Spyware
e. Sandboxie
f. Spybot
g. Ad Aware
h. Spyware Guard
i. A2 Free
j. Heidi Eraser
k. Sunbelt Personal Firewall
l. Safe XP
m. MRU blaster
n. XP Antispy
14. Prevent not-needed programs from starting up
a. Run > msconfig > Start-up > Uncheck unneeded start-up items