Do a clean installation of Windows
This is not a bargaining session. You may do as recommended or pleased. The former will most likely get you your Athena host faster. The latter? Well you are on your own.
- Choose a member of the NT5.x family, i.e. Windows 2000 or XP
- Use NTFS
- Install on partition C:\
- Set any host name you want
- Set Local Area Connection to auto-configuration
- Set up only one user account (to allow automatic log-in)
Optimising Windows
Using Control Panel
Go to Control Panel, System, Administrative Tools.
Finally, Services.
How to disable a service?
Right click and select Properties or double click to bring up the enable/disable dialogue box.
Stop the service if necessary.
Then click the dropdown menu and select Disable.
Disabling other services
- Automatic Updates
- System Restore
- Messenger
- Themes
- Error Reporting
- Remote Registry
- Help & Support
- QoS RSVP (for Apache2 server)
- Fast User Switching
- Indexing Service
- Security Center (for those with NT5.2 or updated NT5.1)
- IIS, if activated
- Internet Connection Firewall (ICF), optional
- MSN Browser (remove from Windows Components)
Tuning Windows
Start
Control Panel
System
Click Advanced tab
Click Setting
Performance:
Visual Effects: Adjust for best performance.
Then click Advanced tab.
Advanced:
Processor scheduling: set to Background service
Memory usage: set to System cache
Then click Change to go to virtual memory page.
Virtual memory:
Select Custom size
Set it to at least 2x physical RAM or 1GB, whichever is higher. The figure shows a 512MB machine.
Click Set, followed by OK
You might be told to reboot
Note: For best performance, set pagefile up on a different physical (real) hard disk.
More Tweaks:
Remove non-essential startup programs:
- Start > Run > msconfig
- Select Startup
- Remove all (Windows will reinstall essential services)
- Reboot (and tell Windows to stop bugging when it starts)
Expose files:
- Launch Windows Explorer
- Tools > Folder Options
- View
- Select Show hidden files
- Deselect Hide known extension
- Deselect Hide protected system files
Essential software
- Anti-virus, set to manual program update (do not get one with firewall)
- 7-zip (to unpack RAR archives)
- Host Firewall, port-configurable (if you do not want to use Windows ICF)
- [Optional]: Firefox, set it to default browser.
Q&A
I really need Messenger...
You probably should get another computer to host a server before you see your messenger sending out thousands of messages in an hour and slowing down your internet connection to a crawl.
Is Windows more susceptible to attacks?
It is arguable. We can expect the most popular operating system to be the most exploited one as well.
Is the server version more stable?
I do not think so. The underlying core codes are the same. Windows Server might appear to be more stable because of its security features.
Why expose extensions?
The files myfile.eml, myfile.scr and myfile.txt will all appear as myfile if their extensions are hidden. The first two are email and screen file, respectively but can contain executable codes which run when clicked. You will know that the only file you can safely click on is myfile.txt if extensions are exposed.
Why expose system files?
There is no advantage here. If system files are corrupted or infected, they become useless anyway. The idea is to let you see and get familiar with those files and their locations. You should make your round to Windows partition root and Windows folder before other software are installed.
Why expose all files?
Some malware are given the hidden attribute and will not be noticed if they are not exposed. The presence of hidden files in an archive which you just received should somehow raise an alarm.
Why is Winrar not recommended?
As a policy and given a choice, I do not recommend commercial vendors who require you to pay for their products. However, I will not hesitate to recommend if they at least offer a free version of their products. Vendors like AVG, Avast, Antivir, Lavasoft and MySQL.com are examples. Do not confuse this with RedHat and SuSE who are actually selling you support service.
|