Securing the File System

By Default the Windows C:\ drive allows any user on the system to create files directly in the root of the drive. Some spyware programs take advantage of this and even though you made “Limited” accounts when following the checklist it will not really help unless you follow these instructions. To prevent this threat you need to remove the permissions for “Everyone” and “Creator Owner” from C:\. The easiest way to do this Graphically (without using a text mode command line) in XP Home Edition is to start up in Safe Mode and then change the permissions. Here is how…

  1. Power on the computer and press the F8 function key on the keyboard every couple of seconds. It is hard to time this right on a newer and faster PC so If you do not get it the first time try rebooting again and pressing F8 until you get it. If you see the colorful Windows XP screen then you missed the short window of time that you have to choose the safe mode options. Microsoft has an article about this process here, try reading that if you have no luck with my description.
  2. Once the Safe Mode Menu comes up use the Arrow keys on the keyboard and choose the item in the list that says: “Safe Mode” (not the networking or other options).
  3. The system will boot and explain that it is in a diagnostic mode, etc. Just OK through everything. When the boot screen comes up you will see another choice that you never saw before. It will be called “Administrator” and the other choice will most likely be called “Owner”. If you setup multiple users on the system they will be listed also. In this case you should choose either Administrator (which will have a blank password) or Owner.

If you have XP Professional you can just disable simple file sharing as described on this page…

Note: These permissions should be checked in Vista and Windows 7. So far I have seen the same file permissions as XP.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s