
Special Publication 800-69
Sponsored by the Department of Homeland Security

Guidance for Securing Microsoft Windows XP Home Edition: A NIST Security Configuration Checklist

Recommendations of the National Institute of Standards and Technology

Karen Kent
Murugiah Souppaya
John Connor

COMPUTER SECURITY

Computer Security Division
Information Technology Laboratory
National Institute of Standards and Technology
Gaithersburg, MD 20899-8930

September 2006

U.S. Department of Commerce
Carlos M. Gutierrez, Secretary

Technology Administration
Robert C. Cresanti, Under Secretary of Commerce for Technology

National Institute of Standards and Technology
William Jeffrey, Director

Reports on Computer Systems Technology

The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) promotes the U.S. economy and public welfare by providing technical leadership for the nation’s measurement and standards infrastructure. ITL develops tests, test methods, reference data, proof of concept implementations, and technical analysis to advance the development and productive use of information technology. ITL’s responsibilities include the development of technical, physical, administrative, and management standards and guidelines for the cost-effective security and privacy of sensitive unclassified information in Federal computer systems. This Special Publication 800-series reports on ITL’s research, guidance, and outreach efforts in computer security and its collaborative activities with industry, government, and academic organizations.

National Institute of Standards and Technology Special Publication 800-69
Natl. Inst. Stand. Technol. Spec. Publ. 800-69, 175 pages (September 2006)

Certain commercial entities, equipment, or materials may be identified in this document in order to describe an experimental procedure or concept adequately. Such identification is not intended to imply recommendation or endorsement by the National Institute of Standards and Technology, nor is it intended to imply that the entities, materials, or equipment are necessarily the best available for the purpose.

Acknowledgements

The authors, Karen Kent and Murugiah Souppaya of the National Institute of Standards and Technology (NIST) and John Connor of Booz Allen Hamilton, wish to thank their colleagues who reviewed drafts of this document and contributed to its technical content. The authors would like to acknowledge Elaine Barker, Tim Grance, and Larry Keys of NIST; Chan Lee, Steven Sharma, and Victoria Thompson of Booz Allen Hamilton; and Rob Campbell of Microsoft Corporation for their keen and insightful assistance throughout the development of the document. The National Institute of Standards and Technology would also like to express its appreciation and thanks to the Department of Homeland Security for its sponsorship and support of NIST SP 800-69.

Trademark Information

Microsoft, Windows, Windows XP, Windows 2000, Windows NT, Internet Explorer, Microsoft Office, Outlook, Outlook Express, and Microsoft Word are either registered trademarks or trademarks of Microsoft Corporation in the United States and other countries. All other names are registered trademarks or trademarks of their respective companies.

Table of Contents

Executive Summary

1. Introduction
  1.1 Authority
  1.2 Purpose and Scope
  1.3 Audience
  1.4 Document Structure
  1.5 Quick Start

2. The Need to Secure Windows XP Home Edition Computers
  2.1 The Roles of Computers
  2.2 Common Threats
  2.3 Security Protections
  2.4 Threat Environments
  2.5 Summary

3. Overview of Security Protections
  3.1 Reducing Weaknesses
    3.1.1 Software Updates
    3.1.2 User Accounts and Sessions
    3.1.3 Networking
    3.1.4 File Extensions and Associations
    3.1.5 Services
  3.2 Protecting Privacy
    3.2.1 Web Browsers
    3.2.2 Files
  3.3 Stopping Attacks
    3.3.1 Malware Protection
    3.3.2 Personal Firewalls
    3.3.3 Content Filtering
    3.3.4 Popup Blocking
    3.3.5 Security Software Suites
    3.3.6 Application Configuration
    3.3.7 Data Execution Prevention
  3.4 Preserving Data
    3.4.1 Backup or Restore Wizard
    3.4.2 Files and Settings Transfer Wizard
    3.4.3 Third-Party Backup and Restore Utility
    3.4.4 Third-Party Remote Backup Service
    3.4.5 File Copy to Media
  3.5 Summary

4. Installing Windows XP Home Edition
  4.1 Prepare for the Installation
  4.2 Back Up Data Files and Configuration Settings
  4.3 Install Windows XP Home Edition
  4.4 Secure the Computer
  4.5 Restore the Data Files and Configuration Settings
  4.6 Summary

5. Securing a New Windows XP Home Edition Installation
  5.1 Prepare to Secure the Computer
    5.1.1 Gather Needed Materials
    5.1.2 Set the Default View for Control Panel
    5.1.3 Identify