Problem solve Get help with specific problems with your technologies, process and projects.

Secure SAM file on XP

How can I secure my SAM file on XP? I am sharing my pc in peer-to-peer environment.
You can encrypt your SAM file with SYSKEY and selecting the option to store the encrypted key on a floppy disk. Keep in mind that the floppy disk will be required during the system boot phase. Storing the encrypted key on the local drive is not as secure, since there are utilities available to manipulate the password hash. Make a backup of the floppy disk and store in a safe, in case your original floppy disk gets damaged.

Equally important to protecting your SAM file, is having an understanding of the services you are running. Make sure that you disable unnecessary services for security reasons and to free up system resources. I've included below some of the services that I would disable by default. Keep a configuration file or maintenance log of the changes made to each host in your peer-to-peer network.

NOTE: Make sure you make a full backup of your system before making changes.

Services to disable:

  • Application Layer Gateway Service ? if not using Internet Sharing
  • Automatic Updates ? this can work for you or against you; at some point, someone will hack this process to propagate an attack on your system
  • Background Intelligent Transfer Service ? used by Windows Update
  • Error Reporting Service ? self explanatory
  • Internet Connection Firewall ? unless you are sharing Internet
  • NetMeeting Remote Desktop Sharing ? enable when you need it
  • Remote Access Auto Connection Manager ? unless sharing Internet
  • Remote Desktop Help Session Manager ? enable when you need it
  • Remote Access Connection Manager ? unless sharing Internet
  • Routing and Remote Access ? unless sharing Internet
  • TCP NetBIOS Helper Service ? used for WINS
  • Terminal Services ? enable when you need it
  • Upload Manager
  • WebClient

    Hope this provided the information you needed.
    Take care,

This was last published in August 2002

Dig Deeper on Network Security Best Practices and Products

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.