Windows XP security checklist

Take advantage of our tax dollars at work. The National Institute of Standards and Technology Information Technology Laboratory Computer Security Division last month published the draft of a document to help IT professionals secure Windows XP systems.

The document is “Guidance for Securing Microsoft Windows XP Systems for IT Professionals: A NIST Security Configuration Checklist – Special Publication 800-68” by Murugiah Souppaya, Paul M. Johnson, Karen Kent and Anthony Harris. You can find it at:

https://csrc.nist.gov/itsec/guidance_WinXP.html

“SP 800-68” comes in a ZIP file with a 147-page PDF file and four template files. The template files offer reference materials and suggested user-profile settings for:

* Small-office/home-office systems (small, informal, stand-alone).

* Large enterprises (managed, structured, well-staffed).

* High-security systems (at risk of attack or data exposure, critical systems; may be subset of other environments).

* Legacy systems (older, outdated communications modalities).

SP 800-68 provides (quoting from the executive summary and adding bullets):

* Detailed information about the security of Windows XP.

* Security configuration guidelines for popular applications.

* Security configuration guidelines for the Windows XP operating system.

* Methods that system administrators can use to implement each security setting recommended.

Chapters include:

* Windows XP Security Guide Development

* Windows Security Components Overview

* Installation, Backup and Patching

* Overview of the Windows XP Security Policy Configuration and Templates

* NIST Windows XP Template Settings Overview

* Additional Windows XP Configuration Guidance

* Application Specific Security Configuration Guidance

Appendices include information on the NIST security template settings, information on Windows XP Service Pack 2, Release Candidate 2, commonly used TCP/IP ports on Windows XP systems, tools, resources and acronyms.