Windows Security Topics

Summary:
  1.  How to Disable File and Print Sharing
  2.  How to disable the Messenger Service in Windows XP
  3.  E-mail Security Settings for UD-Supported Desktop E-mail
  4.  Web Browser Security Settings for UD-Supported Web Browsers
  5.  Password-Protect All Accounts on your Computer
  6.  Protect your files with a Screen Saver Password
  7.  Activate your computer's firewall or use firewall software

1. How to Disable File and Print Sharing

   
   Win NT/2K/XP:

   	1. Open the Network Control Panel.
   	2. Choose the "Local Area Connection" - Right-click on it and select "Properties".
   	3. Uninstall or Disable the "File and Print Sharing" Service.
   

---

2. How to disable the Messenger Service in Windows XP

   • The XP Messenger Service is not the same as Windows Messenger or MSN Messenger, which are instant messaging services. The XP Messenger service is a text-only broadcast service for system administrators to send alerts to users.
      
   • Marketers are now using this builtin XP service to send SPAM messages over the Internet.
      
   • If you see what appears to be a regular Windows dialog box with "Messenger Service" in the title bar and spam in the body of the dialog box, you've been "Messenger Service Spammed".
      
   • How to stop the messages and shut down the service:

        1. Click Start and then click the Control Panel.
        2. In the Control Panel, click the link on the left side that allows you to switch to Classic View.
        3. Open Administrative Tools.
        4. In the Administrative Tools window, open the Services console.
        5. In the Services console, scroll to the Messenger service entry. Right click on it and click Properties.
        6. In the Messenger Properties dialog box, click the Stop button.
        7. After the service stops, click the down arrow in the Startup type drop down list box and select Disabled.
        8. Click Apply and then click OK.
     

   ---

3. E-mail Security Settings for UD-Supported Desktop E-mail

   • Turn off the Preview pane. This will help curb the spread of viruses and block web bugs.
   • MS Outlook Express 5.5+ : View - "Layout...". Uncheck "Show preview pane" box.
   • Netscape 4.77, 4.79 : View - "Show". Uncheck "Message".
      
   • Use Secure Socket Layer (SSL) for incoming messages:
   • MS Outlook Express 5.5+ : Tools-Accounts-Choose the UDEL mail account and hit "properties". Go to the "Advanced" tab Look under "Incoming mail IMAP" and select "This server requires a secure connection (SSL)".
   • Netscape 4.77, 4.79 : Edit-Preferences-Mail and Newsgroups-Mail Servers-Select the incoming mail server and hit Edit button. Go to the IMAP tab and check "Use secure connection (SSL)"
     Note: Edit-Preferences-Mail and Newsgroups-Mail Servers- "Use Secure Socket Layer for outgoing messages" should be set to "NEVER".
      
   • Disable viewing of scripts and active content in e-mail:
     • MS Outlook Express 5.5+ : Tools - Internet Options. Virus Protection- Check "Restricted sites Zone (more secure)"
       Then open Internet Explorer. Go to Tools-Internet Options-Security. Select the "Restricted Sites Zone" and set default level to "High".
     • Netscape 4.77, 4.79 : Edit-Preferences-Advanced ; Make sure "Enable Javascript for Mail and News" is NOT checked.
      

   ---

4. Web Browser Security Settings for UD-Supported Web Browsers

• Check options specified for AutoComplete:
  Internet Explorer allows certain information to be saved and used to automatically complete web forms. Although a convenience, it creates security problems if another person uses the computer.
  
  
  • MS Internet Explorer 5.5+ -
    Tools-Internet Options-Content-AutoComplete (under Personal Information).
    Do not check "Use AutoComplete for usernames/passwords on forms".
     
• Clear Browser cache when closing the browser:
  Your browser's cache stores the contents of all web pages you have visited during a session. To prevent another user from viewing this information and to increase the efficiency of your computer, empty cache when the browser closes.
  
  
  • MS Internet Explorer 5.5+ -
    Tools-Internet Options-Advanced-Security.
    Check "Empty Temporary Internet Files folder when browser is closed".
     
  • Netscape 4.x users: No such option - users must manually clear disk and memory cache as described below.
     
• Clear browser's cache after visiting secure sites:
  To safeguard information you have entered on a secure site, clear the cache memory after completing the secure transaction:
  
  
  • Netscape 4.x users:
    

                  1. Select Edit, then Preferences.
                  2. Select Advanced from the Category listing.
                  3. Select Cache.
                  4. Select the Clear Disk Cache button then the Clear Memory Cache buttons.
                  5. Select OK.
    			 

  • Internet Explorer 5.5+ users:   Follow procedure listed above and then close the browser, OR clear cache after completing secure transaction as described below.
    

                   1. Select Tools, then Internet Options.
                   2. Select the General tab at the top.
                   3. Select Delete Files.                (this clears browser cache)
                   4. Select OK.
                   5. Select the Clear History button.    (this clears the list of links to pages you visited)
                   6. Select Yes to confirm.
                   7. Select OK to close the Internet Options Screen.
    						  

---

5. Password-Protect All Accounts on your Computer

Note: Faculty/Staff should check with their Computer support personnel before attempting to change Administrator passwords on office computers.

Windows 2000
• Change your Account password:

      1.  After logging on, press the CTRL + ALT + DEL keys together. 
      2.  Click the Change Password button in the dialog box that appears. 
      3.  Type your old password and the new password twice, as indicated. 
      4.  After completing this successfully, use this new password every time you logon to your computer.  
  	

• Change the Administrator Account password and check for any other accounts:

      1.  Go to the Start menu and choose Settings and then Control Panel. 
      2.  Double-click the Users & Groups icon. 
      3.  Highlight the username Administrator in the white box and click Set Password. 
      4.  You may need to verify the old password and supply a new password (twice) for the Administrator account. 
      5.  Repeat this step for any other accounts on your computer. 
       

Windows XP
• Set / Change User Account Passwords:

      1.  Go to the Start menu and choose Control Panel
          (or Settings-Control Panel if the Classic Start Menu is used). 
      2.  Double-click the User Accounts icon. 
      3.  Pick an account and click Create or Change Password. 
      4.  You may need to type the current password and then supply a new password twice. 
      5.  Repeat this step for any other accounts on your computer. 
  	

• Set / Change the Administrator Account password:

      1.  Boot the computer in Safe Mode by turning the machine on and immediately pressing the F8 key several
          times until the Advanced Windows menu appears.  
      2.  Use the arrow keys to highlight Safe Mode and press the ENTER key. 
      3.  At the login screen, click on the Administrator icon and type in the password
          (or hit ENTER if the password has not been previously set.)
          If you do not see an Administrator icon, type in the username Administrator         
      4.  Change the password for this account as described above.
  	

---

6. Protect your files with a Screen Saver Password

• This will lock your computer when the screen saver is activated. When you begin working again you will be prompted to type your password to unlock it.
   
• Your screen saver password is the same as your computer account logon password.

      1.  Go to the Start menu and choose Control Panel
          (or Settings-Control Panel if the Classic Start Menu is used).
      2.  Double-Click Display. 
      3.  Go to the Screen Saver tab and choose a Screen saver in the drop-down box.
      4.  Choose a Wait time before the Screen saver will start. 
      5.  Windows XP:  Select the "On resume, password protect" check box  OR  if Fast User Switching is turned on,
           select the "On resume, display Welcome screen" check box.
      6.  Windows 2000:  Select the "Password protected" check box.
  
     

---

7. Activate your computer's firewall or use firewall software

   • Firewalls protect your computer from Internet worms that exploit open ports and operating system vulnerabilities.
   • Only one firewall should be active on a computer. Windows XP has a built-in firewall that can be activated as follows:
      

     Windows XP- before Service Pack 2 1. Click Start and then Control Panel. If your screen says "Pick a Category", click on "Switch to Classic View" on the left under Control Panel. 2. Double-click Network Connections. 3. Right-click Local Area Connection and select Properties. 4. Go to the Advanced tab, under Internet Connection Firewall and check the box: "Protect my computer and network by limiting or preventing access to this computer from the Internet"

     Windows XP-Service Pack 2 Users: See Control Panel-Security Center to check/change the Windows Firewall setting.

Security & The Internet   News & Alerts   Reporting Incidents   Using the UD Network   UD Security Tool Chest   Microsoft Links  
UD Security Home   IT Help Center   UD Home

Questions / comments?
Copyright © 2003, University of Delaware.