I’ve heard that in their wisdom, the engineers who put together XP Pro decided to turn ON all the optional components for some reason and that some of these could cause security issues. I’m planning on getting a new hard drive and installing XP Pro on this. What should I do to make sure I get the optimum Windows experience?
Some questions I have right now:
Should I partition the drive and set one as the vitrual memory/page file? If so, how big should I make it?
I’ve had one guy tell me that I should turn on Windows’ own firewall and have that only connect to one port from ZoneAlarm, while another guy says that I might as well have only one of the two running. Whose right? Which one should I run if I had a choice?
Other than that, the only thing I can think of is making my drives NTFS.
Putting the pagefile on a separate partition does nothing to improve performance, except that it prevents fragmentation of the pagefile to the extent that occurs if it’s on your C: drive. The ideal situation is to have the pagefile on a second hard drive - I moved mine across as soon as I installed a second drive, and it instantly speeded things up. And set the min and max settings to be the same, which again prevents fragmentation. Two to three times your physical memory is about right - it’s not crucual exactly how much. And three times gives you space to upgrade your memory without further tweaking.
What I would recommend is a separate partition for documents, so if Windows goes belly-up, you’ve a slightly better chance of not losing stuff.
Service Pack 2 is going to enable the firewall by default, but there’s no harm in installing another as well. And do you really trust Microsoft’s 100%? (The XP one isn’t configurable in any way.)
NTFS definately performs better, although XP will run on FAT32. Do remember that the conversion is a one-way street - you can’t change back to FAT32.
I presume, from what you’re saying, that you’re buying a full copy of XP. In this case, Service Pack 1 should be included in the install. I’d wait until SP2 is released and get it on CD, too, because going online to download even the present patches still results in worms getting through in the short time before you’re up-to-date.
1: Let XP handle the memory page assignment. Making a separate parttion for it is unecessary
2: Format as NTFS - not perfect but better than FAT32
3: Lot’s of older windows stuff will not work correctly on XP. You may have to upgrade several programs.
4: Any complex DOS stuff (esp stuff that wants to address the hardware directly) is likely to be problematic.
5: XP Pro networking as installed is, IMO, almost excessively (to the point of being a PITA in some cases) “secure” re default settings. Not sure what you friend is talking about. There are of lots of security holes/exploits in Explorer and Outlook, but applying updates should fix most of those (to date).
Overall, if you’ve got the horsepower to run it, it’s orders of magnitude better than 98/ME re stability. Go for it.
Several worms, like Blaster, don’t rely on IE and OE. I’ve played around with installing and going online with ADSL without a firewall to download updates - the quickest I got infected with such a worm was under five minutes. It’s pretty much impossible to get fully-patched online without a firewall and without getting infected.
That said, I agree, the upgrade and the hassle of patches is worth it.
I’m not a networking maven. I assume that the reason I haven’t been hit by a worm (and I’ve DL’d lots of stuff) is because I use a little Linksys wireless “G” router/switch with a built in hardware firewall that I just left in default mode.
Having said that I am curious about what you said re getting infected, how would a worm hit a ride into your system if it’s not in the downloaded software? How can it do this?
Yes, being on a router protects you. The most recent serious worms have all been self-activating - you merely have to be connected online on an unpatched XP box with an IP that an infected computer is scanning, and you’ll get hit. First you know of it is the computer shutting down due to a faked RPC failure.
Hmmm, now I’m kind of scared. I actually have the copy of XP already and am just waiting to get a new hard drive before installing it (currently running Me and will keep that hard drive separate for a few months to make sure XP is running OK and will likely then install it as a slave HD).
I’m assuming that when I install it, I should load up Windows, get the patches/updates and then install all my software, or would it be prudent to install Windows, then load all my stuff and update appropriately? I understand that Windows will require me to go online to finish the installation anyway.
Before installing, download a copy of a decent firewall, and put it on CD.
When you install CD, it requires ‘activation’, but you can do that any time over the first 30 days. You’ll have a fully-functioning installation, just with all the security holes for which Microsoft is famous. Before going online for the first time, install the firewall. You should then avoid any viruses/worms snaring you before you get fully patched. Then install everything else. And at least if you’re keeping the ME drive, you can get back here to ask more questions!
Here is a decent guide to help you avoid getting nailed with worms and viruses on the “first day.”
Many people, after they install XP, immediately get online to download the patches to protect themselves against the viruses. However, if you do not do some things first, you can actually get infected while you’re downloading the patches!
This gives you a certain sequence of actions to perform after installing XP to help ensure you are not infected.
What Gorillaman said. You can also get a Linksys router for around 30 bucks after rebate that comes with a nice built in hardware firewall and lets you share the internet connection among several PCs and will network them together (if desired) as well. Because it is in hardware it will also have the benefit on not taking up any CPU horsepower (however slight) like a software firewall would. Even the wireless G units are only 60 or so after rebate.
Not that I’m paranoid enough (3 AV scanners and 3 spyware scanners), but now I’m really paranoid. My router claims to have a firewall and Zonealarm has significantly fewer hits than my old connections, so I presume that it’s working.
Will install ZA before attempting. Is there a benefit to having both ZA and Windows’ firewalls set up? Here’s a hijack in my own thread, but how do they interface with the router’s firewall?
Thanks for the guide, it has some good info and I will hopefully feel safer once that day comes.
About runningwith both the Win XP firewall and ZoneAlarm operating at once, the conventional wisdom is that it’s best to use only one product of the same type at a time. Otherwise they tend to interfere with each other. (And, of course, running duplicates will drag down your performance.)
Note the phrase of the same type here. This does NOT mean only 1 product in total. So pick one software firewall to run*, one anti-virus product, one hardware firewall in your network router or switch, etc.
*P.S. Personally, I’d trust ZoneAlarm (either the free or the upgraded paid version) much more than the built-in Win XP Firewall.
Don’t be paranoid! Firewalls, following what t-bonham has said, will almost certainly keep you safe. And hey, if you do get mucked about before you’ve got the patches, all you have to do is start the install over, wasting a couple of hours.
Remove the “over the first 30 days” line and I’ll agree with you. I work with an XP installation about a year old, not connected to the Internet, that has never been “activated” and works fine.
Of course, on the rare occasions that we boot the machine, it subtracts one from the finite number of boots available until it stops working. We have about 30 to go. Why not activate it? Because I have a boss that doesn’t believe that the system will stop working. Or maybe when it happens, he’ll throw it out and buy a new computer. We’ll see. :dubious:
OK, finally installed XP Pro. However, I can’t seem to access the internet with ZoneAlarm on. I thought that perhaps that the XP firewall on at the same time was causing a problem, but when I disabled that, I still wasn’t able to access the internet.
What happens if you shut down ZoneAlarm, even briefly? Are you then able to access the internet? If so, then it’s a matter of properly configuring ZoneAlarm.
By the way, the ZoneAlarm website recommends using only their product, without the XP firewall. ZoneAlarm blocks all the same things that the XP firewall would, but does it better, and is more secure, in my opinion.
Also, if turning off zonealarm DOES help, then it might be because their version 5.0 had some bugs that interfere with internet access on some computers. I had to uninstall 5.0 and re-install an older version on my computer after I “updated”.
(The XP one isn’t configurable in any way.)