If you’re not careful, it may be possible for hackers to remotely connect to your computer without your knowledge and copy, change, or delete files. If you travel a lot and have to connect to unsecured wireless networks at hotels, airports, etc, you should make sure to beef up the security on your system so that you do not become the victim of a hacker.
In Windows XP, there are a couple of steps you can take to ensure that your computer cannot be accessed remotely. Of course, you can never be 100% sure due to unknown security vulnerabilities in the OS and programs, but it’s better to do something rather than nothing.
Try to follow as many of the suggestions listed below as possible. If you are in a corporate environment, you probably do not have to worry about security as the IT administrators are usually on top of that.
Disable Remote Connections to Computer
Firstly, if you are not using Remote Desktop, go ahead and disable it. If you want to learn more about Remote Desktop, read my post on some features of Remote Desktop. To disable remote desktop, right-click on My Computer and choose Properties. Now click on the Remote tab.
Go ahead and uncheck Allow users to connect remotely to this computer. Now people cannot connect to your Windows XP machine using the remote desktop protocol. Of course there are other protocols a hacker can use, such as Telnet or FTP, so you should make sure those are not enabled.
If remote desktop is disabled on your computer and you can’t enable it the normal way, you can read my earlier post on how to enable Remote Desktop via the registry.
Turn on Windows Firewall to Block Incoming Connections
You also want to make sure that you either have Windows Firewall turned on or that you have another third party firewall program installed. The Windows XP firewall will only block incoming connections to your computer, unlike Vista, which can filter both incoming and outgoing traffic.
You can turn on the firewall by going to Start, Control Panel and clicking on Windows Firewall. Make sure that the On radio button is selected. Note that there is also an option called Don’t allow exceptions.
This option is very useful when you are at the airport or some place where you have to connect to a random unsecured wireless network. It will block all incoming connections, meaning you won’t be able to use programs like Yahoo Messenger or GTalk, but you can browse the Internet. When you are back to a secure trusted connection, just uncheck the box.
Also, on the Exceptions tab, make sure that you do not have any unnecessary ports that are being unblocked. You’ll have a list of programs and that’s fine, but if you have lots of open ports, they can be used for attacks on your computer.
Disable Windows Services for Remote Access
Finally, you can disable several services in Windows that will help reduce the “surface area” of an attack to your PC. By default, Windows starts a couple of services that do not really need to be on at all.
For example, there is a service called Remote Registry that is on by default, which allows the registry to be accessed via a remote computer. You can turn off these services by going to Start, Run and typing in services.msc. Scroll down to Remote Registry and right-click on it and choose Stop.
Then right-click again and choose Properties. In the Startup Type combo box, change the value to Disabled.
You also want to do this for the Telnet service as it allows users to connect to the computer using Telnet. That’s it!
So those are some of the easy and common way to help protect your computer from being accessed remotely without your permission! Enjoy!
thnx for your valuable guidelines.