Ø Use only Windows XP Professional. Windows XP Home has too many major security flaws (e.g., in XP Home every default account has superuser privileges and cannot belong to any domain) to enable it to achieve even a baseline level of security.
Ø Install Windows XP only from trusted media.
Ø Ensure that every partition is an NTFS partition. If any volume is FAT-formatted, enterconvert
For example, to convert the D partition into an NTFS partition, enter convert d: /fs:ntfs and then reboot your system.
Ø Check to see whether Service Pack 3 (SP3) has been installed by going from Start to Run, then entering “winver”.
Ø Install the latest post-SP2 hotfixes from http://www.windowsupdate.com/
Ø An "unprotected share" is a share that permits everyone to connect to it; the worst case is a share that allows everyone to assume full control or to write and delete. Many Windows systems users have unprotected shares. The result is greater likelihood that their systems will be successfully attacked by hackers, worms, etc. Unprotected shares are one of the major causes of security-related incidents in Windows systems.
Ø Leave the Guest account disabled. Double-click on this account name and ensure that "Account is Disabled" is checked.
Ø Activate the screen saver. This will help protect against unauthorized physical access. Go to the Control Panel, then Display, then Screen Saver (or right click on the desktop to Properties and click on the Screen Saver tab). Be sure to password-enable the screen saver and also to set the activation period to 30 minutes.
Ø Be sure to run AntiVirus on your system, and to keep its signatures updated every day.