
Oak Park Computer Club: Articles

Mostly written by me, mostly for the OPCC.
 
Comments welcome!
XP Out-of-the-box
Making a new XP install a good "experience"

"A survey of 2,000 computers completed by Symantec found that, on average, a system will receive a network packet from an MSBlast-infected computer within one second of connecting to the Internet." -- Robert Lemos, CNET News.com April 4th, 2004

Whether you have newly-installed Microsoft Windows XP on a computer or have purchased a new PC with Windows XP pre-installed, the obvious thing to do is to go on-line with your new copy of XP and download the patches right away.  Don't do it--yet.  Follow the instructions here first.

Admittedly, this is an evolving, still-incomplete article -- but in the meantime, this is too big a problem to ignore. 
For example, here's an article that describes one user's problems that could have been avoided entirely with these instructions.

This expanded outline for an upcoming article will talk about securing XP before you get on-line to download the patches. Here are a few tips to tide you over:

* Do a "clean" install, not an upgrade.  Especially with Windows Me, there are likely to be conflicts between the original OS and XP.

* I have seen machines hit by the Blaster worm or its variants and/or Messenger service spam even before the patches were downloaded.  Once you get XP installed (or take possession of your new machine), and before you get on the Internet, start by running Shoot the Messenger, DCOMbobulator, and UnPlug n' Pray from Gibson Research (about mid-page) to turn off these unneeded, attack-prone services.

* Windows XP has a built-in firewall.  While virtually useless, it's better than nothing--in this context.  Unless you have Service Pack 2, you have to dig a bit for it.  Here are instructions.  Be sure to turn it off once you have a third-party software firewall installed.  The free Sygate or ZoneAlarm software firewalls are OK.  See my article Dealing with Malware for more on this.

* You may wish to check out my article on Service Pack 2 installation tips.  If possible, you should download Service Pack 2 ahead of time and burn it to a CD, or slipstream the pack onto an XP install disc, if you can, to reduce install time and plug more holes before going on-line.

There are at least two other utilities that are useful in this context.  ERUNT (The Emergency Recovery Utility NT -- it works for XP, too) does a more-complete Registry backup than the tools that XP provides, and should be used for backup before going on-line.  The included utility NTREGOPT does an excellent job of optimizing the Registry.  XP Anti-Spy helps disable "phone home" functions to reduce the amount of your personal and/or system data being sent to Microsoft without your knowledge.

Each of these programs is relatively small; you can download all of the programs listed here (ahem, except XP-SP2) to a single floppy ahead of time.  This will close the door on some of the vulnerabilities used by malware before you go on-line.
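To confirm, while the network cable is still unplugged, that the services targeted by the Gibson Research tools listed above are really off, a short batch file can be carried on the same floppy. This is an added example, not part of the original article or of any of the tools it names; the service names (Messenger, SSDPSRV, upnphost) and the EnableDCOM Registry value are the standard XP names and are assumed here, since the article does not spell them out.

```bat
@echo off
rem Added example, not from the original article: offline pre-connect check
rem for a fresh XP install. Run it from a command prompt before going on-line.
rem Assumed names, not given in the article:
rem   Messenger          = Messenger service, source of pop-up spam
rem   SSDPSRV, upnphost  = Universal Plug and Play discovery and device host
rem   EnableDCOM         = string value under HKLM\SOFTWARE\Microsoft\Ole
setlocal
set BAD=0

for %%S in (Messenger SSDPSRV upnphost) do call :svc %%S

rem DCOM is off only when EnableDCOM holds the string N.
rem A missing value or a failed query is reported as not confirmed.
reg query "HKLM\SOFTWARE\Microsoft\Ole" /v EnableDCOM | findstr /i /r "REG_SZ[^A-Za-z]*N" >nul
if errorlevel 1 (
  echo [OPEN] DCOM is not confirmed disabled
  set BAD=1
) else (
  echo [ ok ] DCOM disabled
)

if %BAD%==0 (echo All checks passed.) else (echo Fix the [OPEN] items before going on-line.)
endlocal & exit /b %BAD%

:svc
rem A service counts as closed only if it cannot start AND is not running now.
rem A service that is not installed is also reported, so check it by hand.
sc qc %1 | find "START_TYPE" | find "DISABLED" >nul
if errorlevel 1 (
  echo [OPEN] %1 start type is not DISABLED
  set BAD=1
  goto :eof
)
sc query %1 | find "RUNNING" >nul
if not errorlevel 1 (
  echo [OPEN] %1 is disabled but still running; stop it or reboot
  set BAD=1
  goto :eof
)
echo [ ok ] %1 disabled and stopped
goto :eof
```

The script exits with 1 if any item is still open, so it can be re-run after each tool until every line reads ok.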

* This article (PDF file, right-click to download) discusses the issues involved and gives some suggestions, but realize that much of what it does manually is done automatically by the above tools, hence the need for my article--to simplify matters and bring up other useful tips.

* While not specifically an XP problem, this is still worthy of mention here: a recent 2600 Magazine article talked about erasing anti-virus software from a user's hard drive by means of, essentially, a Trojan; also some malware disables virus software, as well as the Windows utilities regedit and msconfig.  I was ahead of the curve on this one; for some time now I have been installing anti-virus and anti-spyware software (and similar utilities) to non-default locations--in other words, don't accept the programs' default installation locations.  I install to directories with names like Tools or Security.  It may seem like a minor thing, but it is easy to do and it provides at least a little extra security.  This is one case where security-by-obscurity may help.

Last revised: 01-December-2004.  Copyright © 2004 Michael Rudas. All rights reserved. The opinions expressed in this article are not necessarily those of the other members of the Oak Park Computer Club. All trademarks are the property of their respective owners. This article was created using the KATE text editor, the OpenOffice.org word processor and Mozilla Composer, under Linux, all free and open-source software. Permission is hereby granted to publish this article in an unmodified form, except for formatting (contact me for changes or updated versions). Technical questions and help requests can be directed to my tech-support mailbox, the link to which can be found on this site or the OPCC site.