Many of us who use security products on our computers religiously are bewildered to find that we still get infected with malware. How does this happen? No matter what we do, our computers are constantly in touch with the vectors that carry malicious software. Thomas Greene explains what this means, and what we can do about it.
If you're the owner of a Windows machine, even if you're the only person who uses it, the surest step that you can take toward improved system security and user privacy, after installing Mozilla and disabling unnecessary services, is to set up an individual user account with limited privileges for yourself and everyone else who uses the computer.
Before you begin, it's necessary to set your file display characteristics and permissions so that you can control them yourself. Windows defaults to a condition called simple file sharing, which is an obstacle to good security in general, and to setting proper file and directory permissions in particular.
Go to the desktop Start menu and choose Settings -> Control Panel -> Folder Options. The Folder Options dialog will launch.
Choose the tab labeled View from the top of the Folder Options dialog.
Check the boxes or radio buttons next to the items labeled Display the contents of system folders and Show hidden files and folders (Figures 2-6 and 2-7).
Next, clear the checkbox next to the item labeled Hide protected operating system files (Recommended). You will be warned against clearing this box, but you need to know what's on your system if you want to make it more secure. Ignore the warning (Figures 2-6 and 2-7).
Finally, clear the checkbox next to the item labeled Use simple file sharing (Recommended). Click Apply and finally OK (Figures 2-6 and 2-7).
Figure 2-6. The Folder Options dialog with recommended settings
Figure 2-7. The Folder Options dialog with recommended settings, continued
Now, if you didn't choose an Administrator password when you installed Windows XP, do this first. Incredibly, Microsoft permits users to run XP as a single-user system, defeating its inherent security advantages, and permits the creation of accounts without password protection. However, there's no reason for you to follow a bad example.
If you're installing Windows XP, it's best to set an Administrator password when the opportunity is presented so that you won't have to bother with it later. Windows makes setting an Administrator password after the installation more complicated than it ought to be, but if it hasn't been done, it definitely needs doing. So let's get it out of the way.
Go to the desktop Start menu and choose Run and type in compmgmt.msc. Click OK, and the Computer Management dialog will launch.
In the left pane, select Local Users and Groups, expand the tree, and choose Users.
You will see several users listed in the right pane, such as the Administrator, Guest, and the name you chose for yourself when you installed Windows, which is also an administrator (Figure 2-8). Windows XP sets the person who installs the system as an administrator, but not the Administrator. What's the difference between the Admin and an admin? Basically, the Admin is an inbuilt account coded into Windows, whereas an admin is whoever installed the system, plus any other users he decides to nominate for the honor. Let's concern ourselves first with the Admin, or the built-in account.
Highlight the Administrator account and right-click. The drop-down menu allows you to set or reset the password. If you've already set a password but think it might be weak, then you should reset it with a better one, using the instructions that follow.
Make your password a difficult one, combining uppercase and lowercase letters, numerals, and special characters like the dollar and pound signs. It should be at least eight characters in length, though when it comes to passwords, longer is always better. I recommend using a short phrase that makes no sense, like "sleazy bricks." Use some uppercase and some lowercase letters, and substitute characters that resemble a few of the other letters so it looks something like this: sl34ZybR1@k$. Note that we've substituted numbers and special characters that, at least vaguely, resemble the letters they're standing in for to make the password easier to memorize. You can write it down and keep it in a secure place until you're sure you've memorized it. A password like this will be practically impossible to brute force or crack with a dictionary attack.
When you set the Admin password, you will receive a warning that numerous problems might arise. Ignore it.
Once you've pass-protected the built-in Administrator account, set a strong password for yourself as an administrator, associated with the username you chose when you installed Windows XP. You can use the same password for both accounts with little risk, so long as it's a tough one according to our guidelines. It is usually safe for home users to disable the remaining built-in accounts provided by Microsoft, except the Guest account, which may prove useful. Personally, I would disable every account except the Admin, your admin account, and the Guest account at this point (unless you've already added users, obviously).
To enable or disable an account, select it in the Computer Management dialog, use the right-click menu, and choose Properties. In the Properties dialog, under the General tab, find the checkbox next to the option Account is disabled (Figure 2-9).
Figure 2-8. The Computer Management dialog with Users selected
If you haven't established a user account for yourself or added any other users, you should do so now. But you can close the Computer Management dialog at this point; things will get easier from here.
Now it's time to add users, and this means you too. You'll remain an administrator, of course, but you're going to set up and start working from an unprivileged account except when admin access is needed for altering system settings or installing software, just like any security-savvy person. This is not difficult:
Open the Start menu and go to Settings -> Control Panel -> User Accounts. A window will open, most likely reminding you that you are the system administrator.
Create a user account for yourself. Choose Create a new account, and then choose a login name. Choose limited for the account type and click the Create Account button.
Now create a password for the account. This is the account you should use at all times, except when you need to perform administrative tasks.
Simply repeat the process, choosing limited accounts for each user. You can also activate the Guest account so that occasional visitors and house guests can use your computer without accessing any of the established user accounts. However, the Guest account is not password protected, so anyone can use the machine with it. Privileges are low, but this is not a good option if you are unable to supervise use of the computer for extended periods. If you don't set up the Guest account, it will not appear on the boot screen.
Once you've got yourself and every other user working from limited-access accounts, you will enjoy a fundamental security advantage. Malware that you and other users pick up while surfing the Web or from e-mail or instant messaging will have less impact on the system. Scripts and malicious files will have less access to the system. Computer and Internet use by children can be restricted.
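One way to check the account setup described above from the command line, as an added example that is not from the book: the script parses `net user <name>` output and reports active accounts that do not require a password, unexpected members of Administrators, and an enabled Guest account. The sample output is constructed and trimmed, and the account name `kid` and the `admins_allowed` list are assumptions.

```python
import re

# Constructed sample: `net user <name>` output for three accounts, trimmed to
# the fields this check reads. "kid" is a hypothetical account name.
SAMPLE = """\
User name                    Administrator
Account active               Yes
Password required            Yes
Local Group Memberships      *Administrators
User name                    kid
Account active               Yes
Password required            No
Local Group Memberships      *Administrators  *Users
User name                    Guest
Account active               Yes
Password required            No
Local Group Memberships      *Guests
"""

def parse_accounts(text):
    accounts = []
    for line in text.splitlines():
        parts = re.split(r"\s{2,}", line.strip(), maxsplit=1)
        if len(parts) != 2:
            continue  # blank line, or a field whose value is empty
        key, value = parts
        if key == "User name":
            accounts.append({"name": value, "groups": []})
        elif accounts and key in ("Account active", "Password required"):
            accounts[-1][key] = value == "Yes"
        elif accounts and key == "Local Group Memberships":
            accounts[-1]["groups"] = [g.strip() for g in re.findall(r"\*([^*]+)", value)]
    return accounts

def audit(accounts, admins_allowed=("Administrator",)):
    findings = []
    for a in accounts:
        if not a.get("Account active"):
            continue  # disabled accounts cannot log on
        if a["name"] == "Guest":
            findings.append(("Guest", "enabled; supervise its use"))
        elif not a.get("Password required"):
            findings.append((a["name"], "password not required"))
        if "Administrators" in a["groups"] and a["name"] not in admins_allowed:
            findings.append((a["name"], "unexpected member of Administrators"))
    return findings

if __name__ == "__main__":
    for name, problem in audit(parse_accounts(SAMPLE)):
        print(f"{name}: {problem}")
```

Add your own administrator account name to `admins_allowed` so that only accounts you did not intend to be administrators are reported.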
Linux does a far better job of sandboxing user accounts from the system than Windows, better limiting the impact of malware and risky behavior. Linux passwords are also more difficult to crack because they're hashed more effectively. However, by taking full advantage of the multiuser features of Windows XP, you will in fact go a considerable distance toward improving security and user privacy.
Linux users have it easier from the start. They are required to set up a root account with a password, plus at least one user account (also with a password), when they install the system. Linux doesn't allow users to make the mistake of running their PCs as single-user systems. Novices who are in the habit of running their computers from the root account should immediately switch to running from a user account. It is rarely necessary to use the root account as a working environment, because virtually all administrative functions are available from your user account. With a command shell, simply enter the command su and you will be prompted for the root password and granted root access. Close the shell when you've finished your task, or anyone with access to your machine when your back is turned will have access to a root shell. Alternatively, you can lock the screen if you need to leave your computer while a root shell is open, that is, you can activate your screen saver in such a way that your password is needed to clear it, by choosing the Lock Screen option from the KDE Start menu. If you prefer using a GUI admin interface, such as Mandrake's DrakX or SuSE's YaST, simply select it from the desktop menu and enter the root password when prompted. Make sure that your root password is at least eight characters long and difficult to guess according to the previous example. It's best to hash passwords using MD5, which is stronger than the default. You will find this option in your admin interface under a category such as security and users. If you set up your system with weak passwords, by all means reset them with better ones.
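To see which hashing scheme each account actually uses, the following added example (not from the book) classifies /etc/shadow-style entries by their crypt(3) prefix and lists accounts whose password should be reset. It assumes "the default" above means traditional DES-based crypt, goes beyond the text by also recognising newer schemes, and runs on constructed sample lines with placeholder hashes.

```python
# Constructed /etc/shadow-style lines; hash fields are placeholders, not real hashes.
SAMPLE = """\
root:$1$saltsalt$AAAAAAAAAAAAAAAAAAAAAA:12400:0:99999:7:::
alice:aaBBBBBBBBBBB:12400:0:99999:7:::
bob::12400:0:99999:7:::
daemon:*:12400:0:99999:7:::
carol:$6$saltsalt$CCCCCCCC:12400:0:99999:7:::
"""

# crypt(3) identifiers found between the first two '$' characters.
SCHEMES = {"1": "md5-crypt", "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt",
           "5": "sha256-crypt", "6": "sha512-crypt", "y": "yescrypt"}

def classify(field):
    if field == "":
        return "EMPTY"       # account has no password at all
    if field[0] in "!*":
        return "locked"      # password login disabled
    if field.startswith("$"):
        return SCHEMES.get(field.split("$")[1], "unknown")
    if len(field) == 13:
        return "des-crypt"   # traditional crypt: only the first 8 characters count
    return "unknown"

def audit_shadow(text):
    report = {}
    for line in text.splitlines():
        if line.strip():
            user, field = line.split(":")[:2]
            report[user] = classify(field)
    return report

def needs_reset(report):
    # Accounts to reset after switching the system to a stronger scheme.
    return sorted(u for u, s in report.items() if s in ("EMPTY", "des-crypt", "unknown"))

if __name__ == "__main__":
    report = audit_shadow(SAMPLE)
    for user, scheme in report.items():
        print(f"{user:8} {scheme}")
    print("reset:", ", ".join(needs_reset(report)))
```

Changing the hashing option in the admin interface only affects passwords set afterwards, so accounts still listed under `des-crypt` need their passwords set again.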
This chapter is from Computer Security for the Home and Small Office by Thomas C. Greene (Apress, 2004, ISBN: 1590593162).