Feeds

Don't let Windows Indexing Service know too much

Keeping index files under control

  • alert
  • submit to reddit

Protecting against web application threats using SSL

Now you are rid of all your old index files. Those who wish to use the Indexing Service should re-enable it, and select the particular directories to be indexed.

1. Go to the Start menu and choose Run.

2. Type in services.msc and click OK. The Services dialogue will launch.

3. Right-click on the Indexing Service to bring up the Properties dialogue box, select "Automatic", and click Apply. Then click "Start" and exit the dialogue.

4. Go to My Computer ==> Hard Disk Drives ==> Local Disk (C:), and left-click.

5. Browse your filesystem and right-click on any directory you wish to index. Choose Properties, then click "Advanced" toward the bottom of the Properties dialogue box.

6. In the Advanced Attributes dialogue box, select the tick-box beside the option "For fast searching, allow Indexing Service to index this folder". Click OK, and you will be given the option to include that directory's subfolders and their files if you like. Repeat as needed.

This way, you can use the Indexing Service while preventing it from making duplicate data traces of directories that contain sensitive files.

One little irritant here is that if you use the Search Companion, with or without the Indexing Service, your search queries will be stored in the Windows Registry, under HKEY_CURRENT_USER\Software\Microsoft\Search Assistant\ACMru. You can delete the contents within that key whenever you please, but you will find that there is no option to write-protect it, so your search terms will be stashed there, regardless of how you feel about it.

You can delete the entries manually from time to time using the Windows Registry Editor, or you can make a backup Registry just after purging data traces, and then restore that "clean" version whenever you like. But this is a real inconvenience, since every time you alter your system configuration or install software, you will have to make a new, clean Registry backup. The best option is simply to remain aware of this fact and take care when searching your computer for files with, let's say, "controversial" names.

Just what you've been searching for

Related to this are several important files, all named "index.dat", that you'll find in numerous locations. These are, essentially, mini-databases cataloguing the contents of directories related to your internet behaviour. Your search queries, cookies, web history, and several other peculiar items are recorded for posterity. Did you ever wonder how forensic examiners can tell that a person searched the web for "undetectable poisons", "dismembering a dead body at home", and "how to explain a spouse's sudden disappearance" a week before, well, a spouse's sudden disappearance? Index.dat.

You can delete the contents of the Internet Explorer directories, but you can't easily delete the index.dat files that record their contents. Oddly, Microsoft does not want you to play with these index files, so if you attempt to delete them, access will be denied, even to an Administrator. This is because they are "open", or in use, even when IE is not running.

To remove these tattletale files, you must restart in Safe Mode:

1. Reboot.

2. As the computer boots, but before Windows starts, press F8.

3. Use the arrow keys to highlight the Safe Mode option, then press Enter.

4. You will be able to search for the files in Safe Mode. Whether or not your wipe utility will work is another matter. If it does not, you can delete the files, restart Windows normally, then use your utility to wipe free space and file slack.

Reducing the cost and complexity of web vulnerability management

Next page: System Restore

More from The Register

next story
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Home Depot: 56 million bank cards pwned by malware in our tills
That's about 50 per cent bigger than the Target tills mega-hack
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Critical Adobe Reader and Acrobat patches FINALLY make it out
Eight vulns healed, including XSS and DoS paths
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.