Home -> Library -> Hardening -> Windows 9x/ME Home
Documents about Windows9x/ME hardening
Recommendations for Securing Windows 9x/ME


Last Modified On: 09/28/2001
Windows 9x/ME operating systems are fairly easy to protect with only a few simple precautions.  These measures are designed to protect your system from remote security issues and do not include day-to-day usage practices (such as don’t open attachments from people you don’t know.)

1)      INTALL VIRUS PROTECTION.This cannot be emphasized enough.95% of all security related problems seen at Astalavista could have been avoided with virus protection.  Visit http://www.sophos.com for more information and to get your virus software.

2)      Turn off File and Print Sharing.  You can do this through the network control panel.  It is simply a matter of un-checking 2 boxes.  Almost all of the remote security issues with Windows 9x/ME revolve around File and Print Sharing.    Windows 9x/ME are not server operating systems and should not be used as such.

a.       If you MUST enable File and Print Sharing then:

                             i.      Make sure all of your shares are password protect.

                            ii.      Make sure the invisible “$” shares on the drives themselves are either removed or password protected.

                            iii.      Never, under any circumstances, allow write privileges to your shares.  If read only access in not good enough then you should be working with a file server, not sharing files from a desktop machine.  Why shouldn’t you allow write access?  Because once you do your system’s integrity is exposed to anyone who either has the password or who can crack the password, which is much easier than you may think.   There are a number of worms going around which travel through file shares to which they can get easy access, all they need is write privileges. 

3) Regularly check http://windowsupdate.microsoft.com/ for operating system updates.  You can install the Critical Update Notification to inform you when there are new updates, so you don’t have to worry about remembering. 

4) Install all Outlook Security Patches http://office.microsoft.com/downloads/2000/Out2ksec.aspx

5)You may want to consider a personal firewall. However, personal firewalls can be somewhat complex and intrusive… and really their need is greater the more access you allow to your machine.  For instance, if you enable File and Print Sharing the need for a personal firewall increases greatly.

6) Test your configuration: Scan yourself via the web.
  • Shields UP!
  • DSL Reports
  • Security for Cable Networks


    A couple of links are below which include more thorough information and how-tos.
    http://www.microsoft.com/technet/security/tools.asp
    http://www.cert.org/tech_tips/win-resources.html

    		•
    Hyperlinks


    Personal Firewall Scoreboard
    http://grc.com/lt/scoreboard.htm

    http://www.microsoft.com/technet/security/tools.asp
    http://www.cert.org/tech_tips/win-resources.html

    Credits

    Core Member of Astalavista Group
    rOOtless - rootless@astalavista.com