The following list includes five things you can do to make sure your Windows XP Home edition is secure- including tricks and tips you might need to know in order to follow the advice from the other articles and implement those recommendations on this operating system.
1. Password Protect The Guest Account: This security measure is discussed in Microsoft Windows Security 101. However, it is not an easy or intuitive task in Windows XP Home. If you open the Control Panel and select User Accounts you will see a list of the users that are able to log on to the system. Selecting your own user account you will see an option that says "Assign Password" or, if a password is already assigned, "Change My Password". However, if you select the Guest account your options are limited to "Turn On The Guest Account" or "Turn Off The Guest Account" as the case may be.
Windows XP Home uses the Guest account as an integral part of network file and folder sharing. Using Simple File Sharing, when you share out a file or folder it is accessible to anyone who can "see" your computer. If you don't have other security measures in place such as a firewall that means that users on the public Internet may be able to connect to your share using the Guest account.
Even if you select "Turn Off The Guest Account" it will only be turned off in terms of its ability to log on directly to Windows. In the background, the account will still be functional because Windows XP Home uses the Guest account to authenticate users connecting remotely to shared resources on that machine. It is virtually impossible to truly disable the Guest account and doing so would cause a number of problems on a Windows XP Home computer.
So, in order to protect your system and ensure that not just anybody can connect to your file or folder shares- even when using Simple File Sharing- you need to assign a password to the Guest account. Because Windows XP Home offers no "easy" point and click solution to help you, you will have to use the command prompt. Click on Start, then All Programs, then Accessories and finally select Command Prompt. Once you have the black command prompt window open you will type the following:
- net user guest <password>
You will of course replace the brackets and the word "password" with the password you wish to assign. Refer to the Password Security article for tips on choosing a good password.
2. Enable The Internet Connection Firewall (ICF): Microsoft Windows XP - both Home and Professional editions- come with a built-in firewall. Unfortunately, it is not enabled by default so you have to know enough to go in and turn it on. For the record, I actually recommend that you leave ICF disabled and install a 3rd-party firewall such as Zone Labs ZoneAlarm which has a version available for free for personal use.
The advantage of using a 3rd-party product like ZoneAlarm is that it monitors both inbound and outbound traffic. ICF only monitors and blocks inbound traffic. That is great for protecting you from external hacking or malicious activity, however it will not protect you from situations where a virus or Trojan on your system attempts to initiate unauthorized or malicious network activity out from your computer.
In any event, ICF is better than nothing. It is free and it is built in. So, if you choose not to download and install a 3rd-party product you should at least turn on the Internet Connection Firewall. To enable ICF you need to select Network and Internet Connections from the Control Panel. Then select the Network Connections icon at the bottom of the screen.
At this point you need to right-click the network connection you want to enable ICF on. For most home users there should only be one network connection present. Simply right-click it and select Properties. Click on the Advanced tab and click the checkbox next to "Protect my computer...".
Once you enable ICF, the Settings button at the bottom of the Advanced tab will be enabled as well. If you click on Settings you can configure ICF to allow certain traffic through and what sorts of information you want logged. Most users will be fine leaving this on the default settings.
Whether you use ICF or some 3rd-party firewall, be aware that should you suddenly start experiencing problems connecting with certain sites, computers on your network or the Internet as a whole- your firewall is the first place you should look. Odds are there is some firewall rule that is blocking traffic you would rather allow.