ISAWHIM
08-12-2008, 21:45
Ok, I recently picked-up another computer. Default with WinXP Pro, used as a server/workstation. I believe I have secured most of what I can remember, but a second sight is always welcome. (When you look at something long enough, you tend to overlook some things.)
This setup was an OEM install, with SP3 updates, and extended to include MSIE 7.
I have disabled most of the "Default Auto/Manual" services which are not needed, and will not be needed. This closed all open TCP and UDP ports, that are normally open and listening. (These are where most viruses and unauthorized hacks enter.)
Open ports = 0 (Netstat -an) or TcpView confirmed.
The 40GB hard drive has been partitioned into 4x 10GB sections. (I will be developing on this, and browsing the net, so I need some play space.)
Partition 1 is for Windows XP Pro, and normal installed programs.
Partition 2 has a 2GB-4GB swap-file, and all temp-paths have been directed there through the registry. (D:\%USERNAME%\TEMP) For example.
Partition 3 will be dedicated for my development environment of the Client/Server/DataBase.
Partition 4 is dedicated as the back-up and archives. Heavily compressed, and non-critical at the moment.
The swap-file is on a second drive, due to the traffic and notorious slow-downs related to resizing around fragmented system files and temp-net files. This is also the reason I made it so large, as I expect to use a good chunk of it for the developing server program.
Exterior USB-2 drive 40GB, has the entire system mirrored. (This is for quick restore purposes, where "Windows Restore" is completely useless.)
CD drive is a hot-swap, which will eventually house a second 40GB hard drive for extended development, and for developed running programs. (The "Live-Public" server.)
I will list all installed services, and the states, if you think that may be of importance to any observation related to security. (Any other pertinent info will also be listed.)
Just keep in mind... This will NOT be using a commercial server, for communication. This setup will not use the crippling IIS, or the Web-Specific Apache. The server-type, will be game/data specific, and not require such bloated and slow connections that MS attempts to offer for use. On that same respect, it will not offer the highly bloated and system-complex offerings that Apache offers. It's for a game, so it needs speed, an little thinking. Security beyond exploited services, can be handled after the fact, and are not as critical.
Thank-you, Jason D
This setup was an OEM install, with SP3 updates, and extended to include MSIE 7.
I have disabled most of the "Default Auto/Manual" services which are not needed, and will not be needed. This closed all open TCP and UDP ports, that are normally open and listening. (These are where most viruses and unauthorized hacks enter.)
Open ports = 0 (Netstat -an) or TcpView confirmed.
The 40GB hard drive has been partitioned into 4x 10GB sections. (I will be developing on this, and browsing the net, so I need some play space.)
Partition 1 is for Windows XP Pro, and normal installed programs.
Partition 2 has a 2GB-4GB swap-file, and all temp-paths have been directed there through the registry. (D:\%USERNAME%\TEMP) For example.
Partition 3 will be dedicated for my development environment of the Client/Server/DataBase.
Partition 4 is dedicated as the back-up and archives. Heavily compressed, and non-critical at the moment.
The swap-file is on a second drive, due to the traffic and notorious slow-downs related to resizing around fragmented system files and temp-net files. This is also the reason I made it so large, as I expect to use a good chunk of it for the developing server program.
Exterior USB-2 drive 40GB, has the entire system mirrored. (This is for quick restore purposes, where "Windows Restore" is completely useless.)
CD drive is a hot-swap, which will eventually house a second 40GB hard drive for extended development, and for developed running programs. (The "Live-Public" server.)
I will list all installed services, and the states, if you think that may be of importance to any observation related to security. (Any other pertinent info will also be listed.)
Just keep in mind... This will NOT be using a commercial server, for communication. This setup will not use the crippling IIS, or the Web-Specific Apache. The server-type, will be game/data specific, and not require such bloated and slow connections that MS attempts to offer for use. On that same respect, it will not offer the highly bloated and system-complex offerings that Apache offers. It's for a game, so it needs speed, an little thinking. Security beyond exploited services, can be handled after the fact, and are not as critical.
Thank-you, Jason D