Configure Windows XP SP2 network protection technologies on a computer

A computer connected to the Internet may appear vulnerable to an attack. The attack here is an intentional crossing of the computer's security layer or taking away the right to use the computer.

In Microsoft Windows XP Service Pack 2 (SP2), Microsoft offers a number of new technologies that help help protect computers. These technologies do not replace periodic security updates. They help strengthen the overall defense of Windows XP with malicious code attacks. Windows Security Center is the point to start related items and web links related to security. Windows firewall is integrated in Windows XP SP2 and protects the computer by blocking unsolicited connections. Programs on computers like Internet Explorer or Outlook Express still work because the Windows firewall still allows on-demand connections from the computer.

The default settings from Windows XP SP2 help you protect your computer. If the default settings do not have the necessary security requirements, you can use the instructions in this document to configure a safer setting. These settings allow efficient computer use while still reducing the risk of malicious code attacks.

To configure network protection technologies, you must perform the following tasks:

1. Use Windows Security Center to configure Automatic Updates, Windows Firewall settings and identify virus protection states.

2. Configure Microsoft Internet Explorer

3. Configure Microsoft Outlook Express

4. Wireless Networking Security configuration

Important : The instructions in this document have been developed with the Start menu appearing by default when installing the operating system. If you have changed the Start menu, the steps may differ slightly.

Before start

This document will help you set up network protection features of Windows XP Professional SP2 and Windows XP Home Edition SP2 on a single computer.

Use Windows Security Center

Security Center service acts as a background process and checks the necessary security status on the user's computer:

1. Firewall . Security Center checks whether Windows Firewall is turned on or off. Security Center can also check for the presence of some third-party firewalls.

2. Automatic Updates . Security Center checks to make sure Automatic Updates is set up in the preferred settings, it automatically downloads and installs necessary updates. If Automatic Updates is set to shut down or does not set priority settings, the Security Center will make appropriate recommendations.

3. Virus Protection. Security Center checks the presence of virus software by using queries for specific Windows Management Instrumentation (WMI) vendors, and many tools created by other vendors. If the information is valid, the Security Center will report whether the software is up to date and whether real-time scanning is enabled.

If a security element is found in conditions that are not secure enough or cannot be detected, the Security Center displays the red shield in the taskbar's attention area and will show a warning message when logging in. This message links to the Security Center to display a problem message and provides tips to help you overcome this situation.

If you use an antivirus program or firewall that you test yourself, you can change the way Security Center protects the program.

Procedures for using Security Center are:

1. Change Security Center Alerts

2. Configure Windows Firewall

3. Automatic Updates configuration

Required to perform this task

You must be logged in as an internal admin security group member

Change Security Center Alerts

You cannot use antivirus software and firewalls in the same direction as the Security Center. If using a software that is not able to detect, you must configure the Security Center options to allow it to check the security status and you will not receive prompt messages to change the configuration.

To change the Security Center alerts

first.

Click Start , and then click Control Panel .

2.

On the window select Pick a category , click SecurityCenter .

Figure 1: SecurityCenter Security Center

3.

Under Resources, click Change the way SecurityCenter alerts me .

Figure 2: Alert settings

4.

Delete alert settings to meet your requirements

5. Click OK

Windows Firewall

The default settings for Windows Firewall are necessary for most users. The default and meaningful settings when possible are given in Table 1. 

Table 1 : Default settings of the firewall

Mạng kết nối đặt

All connections

You do not require Windows Firewall protection for a specific connection, or require settings on a connection.

Program exceptions

Remote Assistance only

You need to connect from other programs or services to your computer.

Port exceptions

None

You need to connect from other computer programs that use a specific port on the computer.

ICMP exceptions

None

You need other computers to verify that your computer exists and that TCP / IP is configured correctly.

Notifications

On

You don't want to be notified when other computers fail to connect to your computer.

Logging

Off

You need a log to record connections or try to make connections to your computer

Don't Allow Exceptions

Off

You are quite clear about the security holes on your computer, the vulnerabilities have not yet applied patches.After you have updated the patch, reset this setting to Off.

Note : Although this document explains how to change the default settings, if done, you may be inadvertently increasing the vulnerability of your computer to attacks. If you add any of the exception options listed in Table 1, for each option you can define a range of activities. The scope of operations is an optional configuration that allows you to specify which computers can use the exception program on your computer. If you configure the scope for the local network, the computers on the same subnet can connect to the program on the computer. However, traffic from a remote computer is not allowed.

To configure the default settings, Windows Firewall performs the following procedures on your computer.

1. Enable Windows Firewall on a network connection

2. Configure the exception program

3. Configure exception ports

4. ICMP configuration exception

5. Disable notifications

6. Install firewall log settings

7. Use exceptions without permission. 

Important : If you change any of the above settings except Don't allow exceptions, it may also increase the vulnerability in your computer to attacks.

To enable Windows Firewall on a network connection

first.

From SecurityCenter , under Manage security settings for you click Windows Firewall .

2.

In Windows Firewall , click the Advanced tab .

Figure 3: Advanced firewall settings

3.

On the Advanced tab, in the Network Connection Settings area , delete all connections that you do not need to protect the firewall.

Note : Windows Firewall is enabled for all connections. If you used a third-party firewall product (a locally installed firewall) on a private connection, you should disable Windows Firewall only for that connection.

4.

On the Advanced tab, in the Network Connection Settings area , click the specific connection to configure the settings other than the default, then click Settings .

Figure 4: Advanced settings of Windows Firewall on connection

5.

Select or delete the specific service you want to enable or disable this connection.

6.

If the service you want to enable for this connection is not displayed, click Add .

Figure 5: Service settings for a specific network connection.

7.

On the Service Settings window, enter details for the service you want to activate and then click OK .

8.

Click OK to close the Advanced Settings window

Configure the exception program

first.

In Windows Firewall click the exception tab ( Exceptions)

Figure 6: Exceptions of Windows Firewall

2. In the Programs and Services area , select each service to create a connection to your computer, and then click OK .
3.

If the program or service is not listed and you want to activate the program to create a connection through Windows Firewall, click Add Program .

Figure 7: Adding more programs

4.

In the Programs list , click the program you need through Windows Firewall

Note : If the program is not listed, click Browse and browse to the program. Click the program and then click Open .

5.

Click Change scope .

Note : Changing the scope is an optional configuration that allows you to specify which computers can use the desired program on the computer. If you do not need to define a scope, you can skip step 8.

Figure 8: Change scope

6.

Click:

1. Any computer (including those on the Internet) , to allow unsolicited access to your program

2. My network (subnet) only , to allow computers on the same subnet with your computer to access the program

3. Custom list , to allow only the computers you specify in the custom list field to access the program.

7.

Click OK.

8.

In the Add a Program box, click OK .

9.

Click OK.

To configure the exception port

first.

In Windows Firewall , click the Exceptions tab

2.

In the Programs and Services area , click Add Port .

Figure 9: Add port

3.

In the Name field, type the name of the port you want to add. In the Port number field, type the appropriate port number. Click the appropriate TCP or UDP button

4.

Click Change scope.

Note : Changing the scope is an optional configuration that allows you to specify which computers can use the desired port on your computer. If you do not need to define the scope, you can skip step 7.

5.

Click

1. Any computer (including those on the Internet) , to allow unsolicited access to your computer through the port

2. My network (subnet) only , to allow computers on the same subnet to access your computer through the port

3. Custom list , to allow only the computers you specify in the list option field, can access your computer through the port.

6.

Click OK .

7.

In the Add a Port box, make sure your new port is added to the Programs and Services list and then click OK .

8.

In the Add a Port box , click OK

Configure ICMP exceptions

first.

In Windows Firewall on the Advanced tab, in the ICMP section, click Settings .

Figure 10: ICMP settings

2.

Select the appropriate setting for ICMP exceptions, for example, if you want to activate your computer to respond to the 'ping' command, select Allow incoming echo request , then click OK .

Note : This is the default setting if the File and Printer Sharing exception is enabled

Disable notifications

In Windows Firewall , on the Exceptions tab, delete Display a notification when Windows Firewall blocks a program , then click OK .

To install Windows Firewall log settings

first.

In Windows Firewall , on the Advanced tab, in the Security Logging section, click Settings .

Figure 11: Record settings

2.

On the Log Settings window, select Log dropped packets to record all connection attempts removed by the firewall and Log successful connections to record all connection attempts allowed by the firewall.

3.

Enter a path and name for your record (pfirewall.log is the default file) 

Note : The location for your log file must be guaranteed to prevent accidental or deliberate changes to the log.

4.

Configure the size limit to ensure that your record does not increase to an unmanageable size, then click OK .

5.

Click OK to close Windows Firewall and apply the settings

Use the ' Don't allow exceptions ' option

Note : Use this setting when you need maximum protection for your computer such as when connecting to a public network in a hotel or an airport, or when a new vulnerability is discovered and you don't have time To update the patch or no patch is provided.

first.

In SecurityCenter , under Manage security settings for , click Windows Firewall .

2.

On the General tab, select Don't allow exceptions .

Figure 12: Exceptions for Windows Firewall are not allowed

3.

Click OK then close SecurityCenter .

Automatic Updates configuration

The default settings for Automatic Updates are necessary for most users. In this case, Windows periodically checks the Windows Update website to update updates promptly to help protect your computer when encountering the latest vulnerabilities and other threats. These updates may include security upgrades and service packs. Depending on the settings you choose, Windows will automatically download and install when there are updates that your computer needs, or notify you of new updates. 

Note : Automatic Updates will only automatically load system updates with high priority. Use Office Update to upgrade to Microsoft Office.

To configure Automatic Updates

first.

Open SecurityCenter , then under Manage security settings for , click Automatic Updates .

Figure 13: Automatic Updates

2.

Click on one of the options that matches your desired configuration, then click OK .

1. Automatic (recommended) , then enter the download schedule

2. Download updates for me, but let me choose when to install more (Download updates but allow to choose when installing them)

3. Notify me but don't automatically download or install thêm . (Notify you but don't automatically download or install them)

4. Turn off Automatic Updates . (Turn off Automatic Updates )

Verify the settings of the applicable security center

Verify the security center's warnings are applied

To verify the SecurityCenter warnings are applied

first.

From the Windows XP SP2 desktop, click Start , click Control Panel .

2.

Under Pick a category , click SecurityCenter .

3.

Under Resources , click Change the way SecurityCenter alerts me .

4.

Verify that the desired alert configuration is applied to your computer and then click OK to close Alert Settings.

Verify the firewall settings are applied

To verify the Windows Firewall settings are applied

first.

From SecurityCenter , under Manage security settings for , click Windows Firewall .

2.

Click the General , Exceptions , and Advanced tabs, verify the desired configuration is applied to Windows Firewall on your computer and then click OK to close Windows Firewall.

Verify the Automatic Updates settings are applied

To verify the Automatic Updates settings are applied

first.

From the Security Center , under Manage security settings for , click Automatic Updates .

2.

Verify the desired configuration is applied to Automatic Updates on your computer and then click OK to close Automatic Updates.

Part II: Configuring Internet Explorer

Part III: Configuring Outlook Express

Part IV: Configuring Wireless Network Security