WinXP security policies

Discussion in 'other security issues & news' started by FluxGFX, Dec 19, 2003.

Thread Status:
Not open for further replies.
  1. FluxGFX

    FluxGFX Registered Member

    Jan 23, 2003
    Now I was playing in the Administrative tools....

    now looking here security policies...
    Does anyone have any information on to what I could tweak to make my system a forthnox look?

    Been fallowing NSA WinXP Security Guide wich is quite a bible they got there.
  2. rerun2

    rerun2 Registered Member

    Aug 27, 2003
    If you are interested in logging you may want to edit your audit policies. I would probably audit success and failure for all of them except for "Audit directory service access" and "Audit process tracking." I would probably only audit successful attempts for "Audit object access" as well. Once you have done this, it will be very important that you also adjust your settings in your Event Viewer. Go to Event Viewer and right click on each log (Application, System, Security) and select properties. Increase the maximum log size to a size that will fit your needs and also select "overwrite events as needed." This will prevent you from seeing a warning dialog that your logs are full on startup.

    You should also adjust your account lockout policy to maybe 3-4 invalid logon attempts. Lockout duration is personal preference. If you make secure passwords there should be no need to adjust anything under password policy. The only things might be if you want to set a maximum password age.

    User Rights Assignments can be difficult not knowing if you are on a network or if this a stand alone computer.

    But here are a couple of sites that may lead you in the right direction. - look under security policy control. - look under secure settings

    If you haven't already also make sure you have disabled un needed services. xp-AntiSpy is also a good program for XP

    I hope that helps you to get started.
  3. meneer

    meneer Registered Member

    Nov 27, 2002
    The Netherlands
    You could do worse than visiting the site. Their W2K3 security guide is very good, hardly any need to look elsewhere. I suppose they offer a similar approach for XP.
    Your XP system will not be a Fort Knox, it's a PC and it's running Windows. But it will be more secure than any other windows workstation.

    Besides... if you need a Fort Knox, I bet that you see the need for a hardware / linux firewall to secure your system.
Thread Status:
Not open for further replies.