Security 101 for Windows Computers - XP and 2000


  A.  Use a firewall.
  B.  Use up-to-date Anti-Virus Software.
  C.  Remove and Protect against Spyware.
  D.  Keep Current with your Computer's Security Patches.
  E.  Set up Desktop Security.
  F.  Connect securely to other Systems / Computers.
  G.  Backup your files regularly.

This checklist provides recommendations for establishing and maintaining desktop computer security.

If your department has computer support personnel (CITAs), please check with them first before making any changes to your computer.



Use a firewall

  • The Internet is a dangerous place for your computer. If your computer is new, or you haven't installed all applicable security patches, it runs an operating system that is out of date and vulnerable to compromise, infection, theft or destruction of data, and loss of privacy. Worms and malicious scanning software can exploit operating system vulnerabilities the minute you plug into the network if you are not using a firewall.
     
  • Only one firewall should be active on a computer.
    Windows XP users:  Activate the Windows built-in firewall.
    Windows 2000 users:   See Microsoft's list of vendor firewalls for links to third-party firewall resources.

Use up-to-date Anti-Virus Software

Remove and Protect against Spyware

Keep Current with your Computer's Security Patches

  1. Update Windows / Microsoft software and configure future automatic updating.
    • Microsoft Update patches known security holes in your Windows operating system and in Microsoft software installed on your computer. These updates MUST be applied to prevent your system from being compromised.
    • Microsoft NEVER sends patches by e-mail. Do not open e-mail attachments claiming to be Microsoft patches.
    • Microsoft issues patches, along with explanatory Security Bulletins, on the second Tuesday of every month. Patches are also issued at non-scheduled times to deal with immediate risks. See www.microsoft.com/security for the latest info.
    • See Step-by-Step instructions to update Microsoft software and configure future updates to download automatically.
       
  2. Application Critical Security Updates
    UD-supported software
    See UDeploy software distribution.
    For the Firefox browser, see How to Update to New Versions (and patches) of Firefox browser.
    RealPlayer
    See www.udel.edu/stream.
    Apple's QuickTime multimedia player
    • Apple's QuickTime software is used to play or view any video, audio, VR, or graphics file compatible with QuickTime.
    • Once a month, start the QuickTime Player program and go to Help-Update Existing Software...
    • If software updates are found, follow the prompts to get the latest version.


Set up Desktop Security

  1. Use STRONG passwords
    • In Windows XP and 2000 your login password protects access to local files on your computer as well as remote (networked) resources. See password creation tips.
    • Review additional password recommendations.
    • How to set/change passwords in Windows XP and Windows 2000.
    • DON'T enable the Save Password option. If you receive a dialog box asking if you would like the computer to remember the password, choose NO. Make it mandatory for you or anyone else to enter a password to access your information.
    • Password-protect your screensaver to lock your computer after a specified time period of inactivity.
       
  2. Disable the Guest account: Windows XP   Windows 2000.
     
  3. To prevent other user accounts on a Windows XP computer from viewing your files or folders, see "Make your folders private" in Windows Help.
     
  4. Configure Windows XP / 2000 to show hidden files/folders and all file extensions:
    • Open the Windows Explorer program
    • Choose Tools/ Folder Options/ View
    • Check "Show hidden files and folders"
    • Uncheck "Hide file extensions for known file types"
    • Showing all file extensions can prevent harmful file types frequently used by viruses and worms (such as EXE, VBS, SHS, or PIF) from masquerading as harmless text (TXT) or image (JPG) files.
       
  5. Review guidelines concerning the protection of Personal Non-Public Information (PNPI). Use software tools to encrypt sensitive data stored on your computer.
     
  6. Disable unnecessary System services.
     
  7. Web browsers
    • Firefox:
    • Internet Explorer:
      • Reset browser security settings to default: Windows XP   Windows 2000.
      • DON'T specify AutoComplete for Usernames and Passwords on forms.
        • Internet Explorer allows certain information to be saved and used to automatically complete web forms. Although a convenience, it creates security problems if another person uses the computer.
        • Go to Tools-Internet Options-Content-AutoComplete (under Personal Information).
        • Do not check "Use AutoComplete for usernames/passwords on forms".
        • If it was checked, click on Clear Forms and Clear Passwords.
           
    • Clear Browser's cache after visiting secure sites.  To safeguard information you have entered on a secure site, clear the cache memory after completing the secure transaction.
  8. E-mail
    • Be on guard when reading e-mail. Review Safe Practices.
    • Do not save your password during desktop e-mail configuration. If you do, anyone with access to your computer can bring up your e-mail.
    • PINE e-mail: Exit by specifying "quit" to safeguard your account data.
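
The check below illustrates step 4 above (showing all file extensions). It is an added example, not part of the original checklist: it shows what Explorer displays when extensions are hidden and flags names whose real extension is one of the risky types listed in step 4. The decoy list and sample file names are constructed, and every final extension is assumed to be a "known" type.

```python
import os

# Extensions the checklist names as frequently used by viruses and worms.
RISKY = {"exe", "vbs", "shs", "pif"}
# Harmless-looking types a hidden real extension can imitate (constructed list).
DECOYS = {"txt", "jpg", "jpeg", "gif", "doc", "pdf"}

# Constructed sample directory listing.
SAMPLE = ["notes.txt", "photo.jpg.exe", "report.txt      .pif",
          "SETUP.EXE", "holiday.JPG.Vbs"]


def visible_name(filename):
    """Name as shown when "Hide file extensions for known file types" is
    checked (assumption: the final extension is a known type)."""
    stem, ext = os.path.splitext(filename)
    return stem if ext else filename


def check(filename):
    """Return (verdict, reason) for one file name."""
    stem, ext = os.path.splitext(filename.strip())
    real = ext.lstrip(".").lower()
    if real not in RISKY:
        return ("ok", "final extension is not on the risky list")
    # Whitespace before the real extension pushes it out of a narrow column.
    padded = stem != stem.rstrip()
    inner = os.path.splitext(stem.rstrip())[1].lstrip(".").lower()
    if inner in DECOYS:
        why = "looks like .%s but is really .%s" % (inner, real)
        if padded:
            why += " (whitespace padding before the real extension)"
        return ("masquerading", why)
    return ("executable", "plain .%s file; open only if expected" % real)


def scan(names):
    """Return (name, verdict, reason) for every name that is not 'ok'."""
    results = ((n,) + check(n) for n in names)
    return [r for r in results if r[1] != "ok"]


if __name__ == "__main__":
    for name, verdict, reason in scan(SAMPLE):
        print("%-24r shown as %-20r %s: %s"
              % (name, visible_name(name), verdict, reason))
```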
       

Connect Securely to Other Systems

When logging into an e-mail account or other application requiring a username and password, be sure to use encrypted protocols (https, SSL/TLS or VPN) to protect your access credentials from being disclosed to others. If your credentials are transmitted in the clear, they can be stolen, resulting in identity theft. Wireless connections are especially vulnerable to this risk. What you do over a wireless connection is often transmitted "in the clear" and can be anonymously viewed by others with freely available tools.

  1. Terminal Sessions and File Transfers
  2. Windows File Sharing
    • Do not share your full drive or Windows directory.
    • Block access of shared resources to everyone without a valid username/password.
    • If you give "everyone" or "Guest" access to your shared files, then all Internet users will be able to share your files when you are connected to the Internet.
       
  3. Peer-to-Peer File-Sharing programs
  4. Connecting to Campus Systems from Off-Campus
    • Use VPN encryption software if you need to transmit confidential data while working off-campus. Using VPN will secure wireless and wireline connections to campus-based systems.
       
  5. Web Browsing
    • If you are logging into a web page with a username and password, or confidential information is contained on a web page, be sure the connection is encrypted using "https" in the URL - secure http. (See example.)
       
  6. E-Mail Clients

Backup your files regularly


Copyright © 2005, University of Delaware.