Win XP Security - Are You Open to Attack? [part 2]
Cookies
and cookie settings
What
websites know about you
Credit
card numbers and other sensitive information
Disabling file and printer sharing
Stop
messenger pop-ups
Security exploit in Windows NT, 2000,
XP kernal
Cookies are tiny, usually harmless, text files put on your computer's hard drive by websites. They save passwords and user-names to make website log-ons easy, shopping carts, track website preferences and your naigation while visiting a website and when you revisit a website. Though rare, they can be spyware or data mining cookies, which means they track what websites you visit, then when you go back to the cookie's originating website that info is transferred to their server.
There are two types of cookies: session and persistant. Session cookies only remain on your hard drive until you either leave the cookies' originating website or you close your web browser. Persistant cookies remain on your hard drive and usually have expiration dates, though some expirations can extend into decades.
Cookie use has increased dramatically in the last few years, with it common now when you visit a website not only will it want to set cookies, but also from several third-party websites, usually advertisers.
Cookies are useful in tracking what webpages are viewed within a website. I use them myself. Yes, you're being tracked. :-) They allow me to weed out what webpages that aren't being loaded and improve the navigation within my website.
What to do with cookies is up to the user. Some set their web browsers to allow all cookies, ask the user what to do each time a website wants to set a cookie, only allow session cookies, or block all cookies. Blocking all cookies usually creates more problems than it's worth, preventing ordering items online and making some websites unstable. Web browsers also allow you to set which websites can set cookies and which cannot.
Where did the term cookie come from?
According to an article written by Paul Bonner for Builder.Com:
"Lou Montulli, currently the protocols manager in Netscape's client product division, wrote the cookies specification for Navigator 1.0, the first browser to use the technology. Montulli says there's nothing particularly amusing about the origin of the name: 'A cookie is a well-known computer science term that is used when describing an opaque piece of data held by an intermediary. The term fits the usage precisely; it's just not a well-known term outside of computer science circles.'"
To change cookie handling in IE6
Open
Internet Explorer
Click on Tools, Internet Options and click the Privacy tab
Click on Advanced
Check Override Automatic Cookie Handling
To change cookie handling in Firefox - Recommended
Click on Tools, Options, Privacy
Even if you have cookies blocked your movements within a website can be tracked, how long you stayed, the referring link, i.e. how you got to the website, whether through a link on another website or search engine.
Other information that can be recorded are your IP address, ISP (Internet Service Provider), your location, as well as your computer's operating system (OS), web browser you're using and your monitor's resolution. The web browser and monitor resolution are sometimes used to tailor how a website displays. For example, it may display differently whether you're using IE of Firefox, since there are differences in how web browsers interpret HTML. The only thing that can't be tracked if you have cookies blocked is when you revisit a particular website, then you'll be recorded as a unique visitor each time.
There are free stat counters that record all this information, besides the number of visitors / hits to a website. Not that I'm against them, I use one and it gives a lot of insight into the makeup of the visitors and most popular webpages.
Credit card numbers and other sensitive information
Internet
Explorer has a feature called auto-complete. It stores website URL's,
passwords, addresses, etc. 
to
auto-fill online forms. Because of Internet Explorer's security weaknesses
it's possible for someone to access the fields and read your personal
information, including the credit card numbers stored there. There
are a number of programs that can read information in Windows Protected
Storage, the place where Internet Explorer stores auto-complete fields
data. So, if someone runs such a program on your computer or embeds
it as a Trojan horse (spyware), your credit card number can be compromised.
You can control auto-complete by going to Tools, Internet Options, Content and clicking on Auto Complete, which will bring up the window on the left. Here you can set what you want auto-complete to store, or disable it by unchecking all the boxes and clear the stored information.
Way back when I used IE someone was getting into my system through my firewall and accessing the auto-complete information. He was just a prankster and replaced my address and other information with silly names, but he could just as easily accessed sensitive information like credit card numbers, passwords, etc. Don't use IE if you don't want this vulnerability!
Disabling file and printer sharing
Windows XP -- like WinNT and Win2000 -- is designed for networking, both LANs (Local Area Networks) for home and office and WANs (Wide Area Networks) like the Internet. They've tried to make network setup easy and some network services are turned on by default, but in doing so they've left ways for an attacker to gain access to your system. Unless you're on a LAN, or home network, there's no need to have File and Printer Sharing enabled. An attacker could use it to gain access to your files.
To disable File and Printer Sharing:
Click on Start, Settings, Control Panel
Double-click on Network Connections
Double-click on Local Area Connection. Uncheck Client for Microsoft
Networks and Printer Sharing for Microsoft Networks. Click OK.
Then, if you're on dial-up:
In the Network Connections window right-click on your Dial-up connection icon (e.g. AOL, MSN, etc). Click on Properties, Networking and uncheck Client for Microsoft Networks and File and Printer Sharing for Microsoft Networks. Leave TCP/IP checked. They're needed to connect to the Internet.
Desktop "Stop Spam" Pop-ups (Messenger)
If you get popup windows on your desktop telling you Messenger is going to start sending ads and you should go to a website to stop it-- close it. This exploit is due to a program called Messenger Service (not MSN Instant Messenger). It's for administrators to communicate with other users on a network, but can be used to spam you. Even if you're not getting desktop pop-ups, it should be disabled. Some networking services won't work, like Remote Assistance, which is typically used to trouble-shoot someone's computer from a remote computer. To disable:
Click
Start, Run
Enter services.msc and click OK, or hit Enter.
Browse the list until you find "Messenger" in Name column.
Double click it. The Messenger Properties (Local Computer) dialog
box comes up.
If device
is running, under Service Status click "Stop."
Choose "Disable" in "Startup type" drop down box.
Click OK.
Security Exploit in Windows NT, 2000, XP kernal
Altering your registry incorrectly can cause serious damage to your
system that may require a total reinstall of your operating system!
There is a security flaw in the kernals of Windows NT, 2000 and XP. They allow a peculiar form of access called a null or anonymous session, which can yield dangerous information about a computer and its SAM (Security Accounts Manager) accounts. SAM is a local security database that stores information about all of a machine's user or group accounts. This is to allow shared folders and peripherals between Windows 2000, NT and XP. Discovering a SAM with administrative privileges could allow an attacker to break into the user's account and jacking up account privileges to admin level. You'll need to edit your registry to stop this exploit. If you don't feel comfortable going into the registry have someone else do it. But it's actually fairly easy and similar to editing a text file.
Click
on Start, Run, type in regedit and click OK. The Registry Editor will
open.
Expand the HKEY_LOCAL_MACHINE folder by clicking on the + beside it.
Then expand:
SYSTEM\CurrentControlSet\Control\Lsa
The Lsa folder should be open and highlighted.
In the right pane you'll see Name, Type and Data fields. If you can't
see the complete names, place your mouse over the line between name
and type, you'll see the double-arrow, click and drag the column until
you see the entire names (you can do this in most windows).
Locate
restrictanonymous in the Name field. Double-click on restrictanonymous.
The Edit DWORD Value window will open. In the Value Data field enter
1. Click OK.
Then, doing the same thing, set restrictanonymoussam to 1.
Then set everyoneincludesanonymous to 0.
Click on File, Exit
Reboot
[ back ]
home
| my story | ask tara
| photos | female walk
| female voice | SRS
| beginning your transition
hormones | who she
wants to be | journal | end
drug prohibition | bio | contact
what men really mean | just another night in Oakland | photo portfolio | comments
