Have I done enough to secure my PC?

Hi,

I'm running an XP Pro PC on a LAN (Only for my use) and I am wondering
if I have done enough to secure it from other people accessing it
whilst on the LAN, and more importantly, when I am not around.


I've renamed (using the Local Security Policy editor in control panel)
the default administrator account and given it a password.
I've also renamed the default guest account and given that a password,
and turned it off.
I've also set only one login, my own, and set it so windows XP Pro
starts up with the "Press CTRL-ALT-DEL to start" box, which then gives
you two empty fields to enter.

My PC logs onto a Server 2003 server.
I set my own login password on the server (as I am an administrator),
though I can't be 100% there is no keylogging etc apps on it, there
shouldn't be.

Are there more steps I can or should take to prevent people from firing
up my PC when I'm not arround, and either looking at the contects of my
drive or installing any keylogging (for example) apps.

I am running Ad-aware SE, Zonealarm Pro and spybot search and destroy.
Also Symantec Antivirus, managed by the server.

Thanks

Re: Have I done enough to secure my PC?

> Are there more steps I can or should take to prevent people from firing
> up my PC when I'm not arround, and either looking at the contects of my
> drive or installing any keylogging (for example) apps.
>
> I am running Ad-aware SE, Zonealarm Pro and spybot search and destroy.
> Also Symantec Antivirus, managed by the server.
>
> Thanks

Add a network firewall. Add a AV scanner to each system. As for OS
"hardening" (that's what you're talking about above), go through directories
and make sure that only authorized users/services have permission to
read/write/execute. OS hardening examples and techniques can be found on
the MS website as well as other security sites on the Internet.

-Frank

Re: Have I done enough to secure my PC?

hq105862@hotmail.com wrote:
> Hi,
>
> I'm running an XP Pro PC on a LAN (Only for my use) and I am wondering
> if I have done enough to secure it from other people accessing it
> whilst on the LAN, and more importantly, when I am not around.

Unless you need windows (and it doubtful you do), install something like
Solaris x86. It is *much* more secure, and less people know what they
are doing with it, so are less likely to be able to hack it.

With Solaris x86, star office is installed by default, which allows you
to read/write word, excel and powerpoint files. Decent web browser,
acrobat.

If you are really concerned, get a Sun workstation and set the security
mode=full. Then someone will need a password to even boot it, no matter
if they try to boot from disk, CD or another machine on the network.
However, physically removing the disk will allow the data to be read,

I personally think a hardware firewall is more secure than a software
one, and they are available very cheaply now.


--
Dave K

http://www.southminster-branch-line.org.uk/

Please note my email address changes periodically to avoid spam.
It is always of the form: month-year@domain. Hitting reply will work
for a couple of months only. Later set it manually. The month is
always written in 3 letters (e.g. Jan, not January etc)

Re: Have I done enough to secure my PC?

Hi try a hardware firewall that blocks intrusions on all ports:
www.alphashield.com

Full hard drive encryption should keep things safe for when your not
around (key loggers, etc)
http://www.ce-infosys.com/CeiHome.asp


* Anonymous Secure Offshore SHH-2 Surfing Tunnels
* Anonymous mail & news through SHH-2 Tunnels
* www.privacyoffshore.net (no logs Internet)
* www.privacyoffshore.info (no logs Internet)