November 19, 2013

Configure Windows 7 Security Settings and Deployment

There are three default secure features provided in Windows 7. Now let's see what they are and how to configure and some tips we have to pay attention to deployment.

Windows 7 comes with three security features enabled by default:

One: Windows Firewall

The most important security feature you need to have is a software firewall running on your computer. A firewall is a security feature that blocks unauthorized attempts to send data to your computer. Windows Firewall is turned on by default, but you should check this, just to be safe.

  1. Click Start.
  2. Type 'firewall' and then click Windows Firewall in the search results. The Windows Firewall window appears.
  3. Check the Windows Firewall State value. If it says "On", you're fine; otherwise, continue to step 4.
  4. Click Turn Windows Firewall On or Off. The Customize Settings window appears.
  5. In the Home or Work (Private) Network Location Settings section, activate the Turn On Windows Firewall option.
  6. In the Public Network Location Settings section, activate the Turn On Windows Firewall option.
  7. Click OK.

Two: Windows Defender

The worst malware offender is spyware. Spyware is any program that surreptitiously monitors a user's computer activities -- particularly the typing of passwords, PINs, and credit card numbers -- or harvests sensitive data on the user's computer, and then sends that information to an individual or a company via the user's Internet connection without the user's consent.
Windows Defender protects your computer from spyware in two ways:
  1. It scans your system for evidence of installed spyware programs (and removes or disables those programs, if necessary).
  2. It monitors your system in real time to watch for activities that indicate the presence of spyware.


If the protection feature of Windows Defender is turned off, you will see the Action Center message shown below. Click that message to launch Windows Defender and turn on protection. Otherwise, click Start, type 'defender', and then press Enter.
In the Windows Defender Status area, select the following values:
  • Scan Schedule: If you see "Do Not Auto Scan," it means that Windows Defender isn't set up to scan your system for spyware automatically.
  • Real-Time Protection: If you see "Off" here, it means that Windows Defender is actively guarding against spyware activity.
Follow these steps to ensure that Windows Defender is set up for maximum protection:
  1. Click Tools.
  2. Click Options.
  3. Click Automatic Scanning.
  4. Enable the Automatically Scan My Computer checkbox.
  5. Click Real-Time Protection.
  6. Enable the Use Real-Time Protection checkbox.
  7. Click OK.
 

Windows Defender supports three different spyware scan types:
  1. Quick Scan: This scan checks those areas of your system where it is likely to find evidence of spyware. This scan usually takes just a couple of minutes. This scan is the default, and you can initiate one at any time by clicking the Scan link.
  2. Full Scan: This scan checks for evidence of spyware in system memory, all running processes, and the system drive (usually drive C:), and it performs a deep scan on all folders. This scan might take 30 minutes or more, depending on your system. To run this scan, select Scan > Full Scan.
  3. Custom Scan: This scan checks just the drives and folders that you select. The length of the scan depends on the number of locations you select and the number of objects in those locations. To run this scan, go to Scan > Custom Scan, which displays the Select Scan Options page. Click Select, select the checkboxes for the drives you want scanned, and then click OK. Click Scan Now to start the scan.
By default, Windows Defender is set up to perform a quick scan of your system every morning at 2:00 a.m. To change this, select Tools > Options > Automatic Scanning, and then use the controls to specify the scan frequency time and type.

The rest of the Options page offers options for customizing Windows Defender, which are detailed below:
  1. Default Actions: Sets the action that Windows Defender should take if it finds potential spyware in the Severe, High, Medium, and Low categories: Recommended Action Based on Definitions, Ignore, Quarantine (disables the threat without removing it), Remove, or Allow.
  2. Real-Time Protection: Besides toggling real-time protection on and off, you can also toggle security agents on and off. Security agents monitor Windows components that are frequent targets of spyware activity.
    Note: Windows Defender will warn you that a program might be spyware and ask whether you want to allow the program to operate normally or to block it. If you accidentally allow an unsafe program, click Tools > Allowed Items, then select the program in the Allowed Items list, and then click Remove from List. Similarly, if you accidentally blocked a safe program, click Tools > Quarantined Items, select the program in the Quarantined Items list, and then click Remove.
  3. Excluded Files and Folders: This section allows you to specify files or folders that you don't want Windows Defender to scan.
  4. Excluded File Type: This section allows you to specify file extensions that you don't want Windows Defender to scan.
  5. Advanced: These options allow you to enable scanning inside archive files, email messages, and removable drives.
  6. Administrator: This section has a checkbox that toggles Windows Defender on and off, and another that, when activated, allows you to see Windows Defenders items (such as allowed programs) for all user accounts on the computer.

Three: User Account Control

To enable User Account Control:
  1. Select Start, type 'user', and then click Change User Account Control Settings in the search results. The User Account Control Settings window appears.
  2. Make sure the slider is set to anything other than Never Notify at the bottom.
  3. Click OK.
  4. Restart your computer to put the new setting into effect.

 Refer to: How To Managing Security Settings in Windows 7

The above are Windows 7 default security features. And what others you should pay attention to on security deployment?
Similar to Windows Vista/XP, security deployment in Windows 7 should refer to Windows secure process. This general way will guarantee Windows security more. 

1. Set a Windows 7 logon password for restricting someone without permission to access computer.

2. System Port

If there are some ports for Windows system, hackers would control our computer through these ports, such as 3899 port. So we should know about open port before we close them. Type "netstat-an", you could see open port 135 and 139 etc. We should prohibit them by closing them directly or monitoring Windows firewall.

3. User Accounts

Most of the hackers’ invasion becomes so easy because they get root privileges of our computer. Therefore, security of user accounts becomes so important for us. As we all know, administrator has all privileges, controlling everything in computer. So it’s necessary to give an unnoticed name for administrator instead of Admin.

Besides, suspend guest account in user account manage, not allowing it to login Windows anytime.  And certainly this way applies to computer user oneself. If we meet more user log in or limited user login, we had better set a general password for them, to block the invasion of external network.

4. Share Resource

Type "netshare" in CMD to look for shared resource. There are IPC passageway, document and printer for sharing. Of course, Windows system takes hard disk for sharing default too. Forbidden methods are provided here:
netsharec$/deletedelete sharing C: disk, other disks are the same
netshareipc$/deletedelete sharing IPC

With the secure settings above for Windows 7, we could say we have made full preparation for Windows 7 security.  Also, I hope this passage help you protect your Windows 7 computer better.  

No comments:

Post a Comment