Skip to content Accesskey=4Skip to sub-navigation Accesskey=3View our Accessibility Options MIT Information Services and Technology Home About IS&T Contact IS&T Site Map Search Advanced Search
Getting StartedGetting Services by Topic or Alphabetically Getting Help
On This Page
On This Page

Introduction

Before going online

Additional steps once online

And to keep your computer protected



Tips

Ask a technology-related question by visiting the Getting Help page.

 


Windows XP: Securing Your Computer Before Going Online

 

Note

Note: Use these instructions at your own risk! They were originally intended for IS&T Help Desk internal use. Only clients experienced in installing, troubleshooting, and making repairs to Windows Operating Systems should attempt to follow these instructions on their own. If you choose to proceed, be aware that IS&T assumes no responsibility for any problems encountered.

Introduction

In today's hostile network environment, where the record for an unprotected machine getting infected by a worm/virus is probably around 15 seconds, it is very important to put as many protections on your new (or newly-reinstalled) computer as possible before allowing it to go on the Net.

Before Going Online

  1. Make sure Windows XP Service Pack 2 (SP 2) is installed.

    SP 2 is free from Microsoft, and fills in some of the holes attacked by worms such as Blaster. To check to see if SP 2 is already installed, right-click on the "My Computer" icon on your Desktop or in your Start menu and go to "Properties". Some information about your computer will be displayed in the top right corner of the window.



    2. If you see "Service Pack 1" or no service pack information at all, do NOT allow your computer to go on the network until you have installed SP 2. To do so, download the stand-alone installer from Microsoft (WindowsXP-KB835935-SP2-ENU.exe) on another computer and burn the file to CD or copy it to a memory stick/external drive, etc. to install on your computer.

  2. Make sure the Windows firewall is active.

    Windows XP machines with Service Pack 2 installed will have the Windows firewall enabled by default. You should double-check by going to the Control Panel > Windows Firewall.



    If the firewall is set to "off", you may have a third-party firewall such as Norton Internet Security, ZoneAlarm, etc. installed. Take a look at your "Add/Remove Programs" Control Panel to check. If no third-party firewall is installed, turn on the Windows firewall.

    3. Note

    Note: Third-party firewalls are tricky to use and may wreck havoc on your internet connectivity (such as stopping Internet Explorer from reaching websites) if you don't know how to use them effectively. Read any documentation that comes with the software or research the vendor's website. If you're unwilling to spend the time to learn about your firewall, you're probably better off using the built-in Windows firewall. In that case, uninstall the third-party firewall using "Add/Remove Programs" in the Control Panel and activate the Windows firewall.


  3. Put a password on your user account.

    It may be annoying to have to enter a password every time you want to log into your computer, but consider that having no password on your computer is like leaving the door to your house wide-open to anyone passing by on the street. In addition, if a remote intruder gains access to your computer, they can use it to attack other computers on the network using any information they find on the machine and/or your machine's processing power.

    To put a password on your user account, go to the "User Accounts" Control Panel. Click on your user icon and select the "Create a password" option. For tips on creating a strong password (as important as having a password), see Microsoft's article "Creating Stronger Passwords".


  4. Install a virus-scanning program.

    Having a virus scanning program is very important in today's virus- and spyware-ridden networking environment. The virus scanner won't be too effective until you can go online and update its virus definition files, but some modern virus scanning programs come with built-in port-blocking and buffer overflow protection, so it would be worth it to install the program before you go online.


  5. You are now ready to go online...but there are some additional security steps you need to take as soon as you get online.

[Back to top]

Additional Steps Once Online

  1. Install security and critical Windows XP updates from Microsoft's update server. In Internet Explorer, go to the Tools menu > Windows Updates to go to the update site. Follow the instructions to let Microsoft scan your computer for the updates you need to install.


  2. Update your virus-scanning software. Read your software's documentation to find out how to do this.

[Back to top]

Keep Your Computer Protected

  • Keep up-to-date with Windows Updates.

  • Keep up-to-date with your virus-scanning software.

  • You may also want to install a spyware prevention/checker such as Microsoft's Anti-Spyware, Lavasoft's Ad-aware, and/or Spybot Search and Destroy (all free applications). Unlike virus scanners, you can have several spyware scanners installed on your computer at the same time.

 

MIT Home | Getting Started | Getting Services | Getting Help | About IS&T | Accessibility
Ask a technology question or send a comment about this web page.