Windows XP Security

Although both Professional and Home Edition versions of Windows XP are miles ahead of Windows 95/98/Me, only Windows XP Professional can come close to the venerated Windows NT/2000 security standards.

Information About Unlocking a Workstation 
Microsoft Knowledge Base Article: 281250 - This article describes the behaviors to expect when you attempt to unlock a locked workstation. 

Using Software Restriction Policies to Protect Against Unauthorized Software
Software restriction policies are a new feature in Microsoft© Windows? XP and Windows Server 2003. This important feature provides administrators with a policy-driven mechanism for identifying software programs running on computers in a domain, and controls the ability of those programs to execute. Software restriction policies can improve system integrity and manageability©which ultimately lowers the cost of owning a computer. Source: Microsoft.com

Windows XP Baseline Security Checklists
These checklists outline the steps you should take to reach a baseline of security with Windows XP Home Edition and Windows XP Professional computers, either on their own or as part of a Windows NT or Windows 2000 domain. Source: Microsoft.com

XP Professional Security Features: An Introduction
This is not intended to be exhaustive dissertation of all the new features in XP; rather, the purpose is to highlight some of the new security features found in the product, and to provide those still considering an upgrade to XP with some insight into how doing so can help them administer their network. Source: SecurityFocus

HOW TO: Configure a Preshared Key for Use with Layer 2 Tunneling Protocol Connections in Windows XP 
Microsoft Knowledge Base Article: 281555 - This article discusses how to configure a preshared key using the Layer 2 Tunneling Protocol (L2TP). 

How to Clear the Windows Paging File at Shutdown 
Microsoft Knowledge Base Article: 314834 - This article documents the method for clearing the Windows paging file (Pagefile.sys) during the shutdown process, so that no unsecured data is contained in the paging file when the shutdown process is complete. 

How to: Create and Disable Administrative Shares on Windows XP
Microsoft Knowledge Base Article: 314984 - This step-by-step article describes how to create and delete hidden or administrative shares on Windows XP Professional-based, Windows 2000 Professional-based, and Windows NT 4.0 Workstation-based computers.

HOW TO: Create and Use a Password Reset Disk for a Computer in a Domain 
Microsoft Knowledge Base Article: 306214 - This article describes how to create and use a password reset disk for a computer that is a member of a domain. You can use a password reset disk to gain access to your Windows XP Professional-based computer if you forget your password. 

HOW TO: Delegate Security for a Printer 
Microsoft Knowledge Base Article: 282902 - This article describes how to delegate security for a printer in Microsoft Windows XP. You are not able to delegate print operator security using Directory Services. Printer security is stored locally on the print server. 

HOW TO: Disable the Local Administrator Account in Windows 
Microsoft Knowledge Base Article: 281140 - This step-by-step article describes how to disable the local Administrator account. This information does not apply to the Domain Administrator account in an Active Directory domain. 

How to Quickly Lock Your Computer and Use Other Windows Logo Shortcut Keys 
Microsoft Knowledge Base Article: 294317 - This article describes how to quickly lock your computer as well as the other Windows logo shortcut keys that you can use. 

HOW TO: Quickly Lock Your Desktop by Clicking a Shortcut on the Taskbar 
Microsoft Knowledge Base Article: 313884 - You can create a shortcut on your taskbar that immediately locks your computer. When you click this shortcut, you achieve the same the result as you would if you were to press CTRL+ALT+DEL, and then click Enter

How to Set Security in Windows XP Professional That Is Installed in a Workgroup 
Microsoft Knowledge Base Article: 290403 - This article describes how to set permissions in a workgroup after an upgrade from Microsoft Windows 2000 Professional to Microsoft Windows XP Professional. 

HOW TO: Set WMI Namespace Security 
Microsoft Knowledge Base Article: 295292 - This article describes how to set namespace security in Windows Management Instrumentation (WMI). WMI security is based on namespaces. The schema is logically partitioned into namespaces for organizational and security purposes. You should use the Wmimgmt.msc Microsoft Management Console (MMC) snap-in to modify the security on WMI namespaces. In this tool, you can set security that is based off of the root or select individual namespaces. You can also use inheritance that is based on namespace hierarchy

HOW TO: Create and Use a Password Reset Disk for a Computer in a Domain in Windows XP
Microsoft Knowledge Base Article: 306214 - This article describes how to create and use a password reset disk for a computer that is a member of a domain. You can use a password reset disk to gain access to your Windows XP Professional-based computer if you forget your password

HOW TO: Create and Use a Password Reset Disk for a Computer That Is Not a Domain Member in Windows XP 
Microsoft Knowledge Base Article: 305478 - This article describes how to create and use a password reset disk for a computer that is part of a workgroup, or that is not connected to a network. You can use a password reset disk to gain access to your Microsoft Windows XP-based computer 

How to Log On to Windows XP If You Forget Your Password or Your Password Expires
Microsoft Knowledge Base Article: 318305 - This article describes how to log on to Windows XP if you forget your password, or if your password expires and you cannot create a new one. NOTE: If you have not created a password reset disk and you have also forgotten your Administrator password you cannot log on to your existing Windows installation for security reasons. This information applies to starting Windows XP typically, to Safe mode, and to Recovery Console. In this case, you must perform a "clean" installation of Windows XP, re-create all user accounts, and reinstall all of your programs. 

HOW TO: Manage Stored User Names and Passwords on a Computer That Is Not in a Domain in Windows XP 
Microsoft Knowledge Base Article: 306541 - This article describes how to manage stored user names and passwords on a computer that is not a member of a domain. 

HOW TO: How to Enable the Internet Connection Firewall Feature in Windows XP 
Microsoft Knowledge Base Article: 283673 - Microsoft Knowledge Base Article: 283673 - Microsoft Windows XP provides Internet security in the form of a firewall, known as the Internet Connection Firewall (ICF). This feature is designed for home and small business use and provides protection for computers directly connected to the internet. 

HOW TO: Enable or Disable Internet Connection Firewall in Windows XP
Microsoft Knowledge Base Article: 283673 - Microsoft Windows XP provides Internet security in the form of a firewall, known as the Internet Connection Firewall (ICF). This feature is designed for home and small business use and provides protection for computers directly connected to the Internet. This feature is available for local area network (LAN) or dial-up connections. It also prevents scanning of ports and resources (file and printer shares) from external sources. This article discusses how to enable the Internet Connection Firewall feature to provide Internet security for your computer. This article also discussed how to disable the Internet Connection Firewall feature, which may help in troubleshooting some applications that do not function as expected behind a firewall

How to Manually Open Ports in Internet Connection Firewall in Windows XP
Microsoft Knowledge Base Article: 308127 - This article describes how to manually open ports in Internet Connection Firewall (ICF) in Windows XP.

The Internet Connection Firewall Can Prevent Browsing and File Sharing 
Microsoft Knowledge Base Article: 298804 - When you enable the Internet Connection Firewall (ICF) feature, and then attempt to browse the Internet by means of My Network Places, you are unsuccessful. Also, if you use the net view \\ computername command, you can receive the following error message: System error 6118 has occurred. The list of servers for this workgroup is not currently available.

Internet Connection Firewall Does Not Filter or Provide Firewall Services During Startup and Shutdown
Microsoft Knowledge Base Article: 323009 - When you start or shut down your Windows XP-based computer, the Internet Connection Firewall (ICF) does not filter or provide firewall services. During the startup or shutdown process, users can connect to your computer or to any program or service

Internet Connection Firewall Does Not Block Internet Protocol Version 6 Traffic
With Microsoft Internet Protocol version 6 installed and Internet Connection Firewall enabled, Internet Protocol version 4 traffic is filtered by the firewall but Internet Protocol version 6 traffic is not blocked

Service Redirection Does Not Apply to Internet Connection Firewall
Microsoft Knowledge Base Article: 297942 - In Windows XP, the Internet Connection Firewall (ICF) and Internet Connection Sharing (ICS) features share a common interface for configuring services to which Internet users can gain access. With ICS, you can map services to hosts on the internal network, but ICF does not provide this functionality. ICF uses the service information to determine which services to allow through the firewall, but disregards the information that specifies which host should receive traffic for the given service. Therefore, if only ICF is enabled, traffic is allowed for the specified service to pass through the firewall and make a connection to the external interface. If the specified service is not listening on the external interface of the Windows XP ICF host, the connection does not work. If you are trying to redirect a service to an internal host, you must enable ICS

Windows ICF: Can't Live With it, Can't Live Without it
Windows ICF (Internet Connection Firewall) is the built-in firewall in Windows XP. For this article, SecuirtyFocus.com put ICF into the lab and set their security penetration testers loose at it to see how good it is. In this article, they'll will give an overview of ICF, see how ICF performs under a simulated attack, and discuss the pros and cons of ICF. Source: SecurityFocus.com

HOW TO: Enable or Disable the CTRL+ALT+DELETE Sequence for Logging On in Windows XP Microsoft Knowledge Base Article: 308226 - This articles describes how to enable or disable the CTRL+ALT+DELETE sequence for logging on in Windows XP. 

HOW TO: Change the Windows Logon Screen Saver 
Microsoft Knowledge Base Article: 185348 - This step-by-step article describes how to change the default logon screen saver. When you start Windows, a Begin Logon dialog box is displayed prompting you to press CTRL+ALT+DEL to log on. By default, if you do not press a key for 15 minutes, the Windows logon screen saver (Logon.scr) starts.

HOW TO: Change the Logon Window and the Shutdown Preferences 
Microsoft Knowledge Base Article: 291559 - Setup configures Windows XP to use the friendly Welcome logon screen and the shutdown buttons, if your computer is installed as a home computer (a computer where a network domain has not been specified). 

HOW TO: Configure Windows XP to Automatically Log On a User Account 
Microsoft Knowledge Base Article: 282866 - This article describes how to automatically log on a user account during the Windows startup process. 

How to Set Logon User Rights by Using the NTRights Utility 
Microsoft Knowledge Base Article: 315276 - This article describes how to set logon user rights by using the NTRights utility. The NTRights utility (Ntrights.exe) is included in the Windows 2000 Resource Kit. 

How to Set the NUM LOCK State at Logon in Windows XP 
Microsoft Knowledge Base Article: 314879 - This article describes how to set the NUM LOCK state to be on by default at logon. You can accomplish this by using a script file that runs either at startup or, in Windows XP Professional, through a Group Policy

HOW TO: Use the Fast User Switching Feature 
Microsoft Knowledge Base Article: 279765 - In Microsoft Windows XP, if you enable the Fast User Switching feature, multiple user accounts can log on to a computer simultaneously. This article describes how to enable and use this feature. With Fast User Switching, users can switch sessions without closing Windows, programs, and so forth. For example, User A is logged on and is browsing the Internet, User B wants to log on to their user account and check their e-mail account. User A can leave their programs running while User B logs on and checks their e-mail account. User A can then return to their session where their programs would still be running.

Secondary Logon (Run As): Starting Programs and Tools in Local Administrative Context 
Microsoft Knowledge Base Article: 225035 - Windows secondary logon allows administrators to log on with a non-administrative account and still be able to perform administrative tasks (without logging off) by running trusted administrative programs in administrative contexts. 

Administrator Unable to Unlock a "Locked" Computer 
Microsoft Knowledge Base Article: 242917 - After you restart a computer running Windows and no one has logged on, you may be unable to log on to the computer either locally or to the domain. 

A User Logon Request Is Rejected Without Any Messages 
Microsoft Knowledge Base Article: 313322 - If the security log is full and a restricted user with no password attempts to log on from the Windows XP Welcome screen, the logon request is rejected without any error messages.