[Gllug] Securing XP

John Winters john at sinodun.org.uk
Mon Apr 4 07:58:10 UTC 2005


Dear all,

I know this isn't a Linux question, but I'm sure some of you have to
deal with XP too.

I find myself having to run a copy of XP in order to run some school
timetabling software.  I'm running it in a VMware virtual machine on top
of Linux.  When installing it I made a point of upgrading to SP2 and
installing anti-virus software before connecting it to the network.
(The school network is pretty much a "here be dragons" area because most
of the boys have laptops which they connect to it.  Chaos ensues.)

Anyway, after a little while connected I ran a full machine virus scan
and hey presto, found several copies of the Lovgate-T worm in 
C:\Documents and Settings\All Users\Documents\...  Investigating further
I found that this directory is by default shared to the network and
write enabled for anybody (eeek!)

So, I checked my registry and none of the signatures of the worm was
present.  Deleted the files from my hard disc and un-shared the
directory.  I haven't executed any of the files so I believe I should be
OK.  I presume a pupil's computer has simply deposited the files there
because it found the directory and it was writeable.

My question is this.  Are there any other directories which XP shares by
default?  Is there a global setting which I can change saying, "Don't
share anything"?

TIA,
John

-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug




More information about the GLLUG mailing list