On the Internet, personal security, or we may have put the issue of under-class bar. We have encountered the invasion of ways probably include the following:
(1) by others steal passwords;
(2) systems are Trojan attacks;
(3) website was a malicious attack java scrpit procedures;
(4) QQ attack or leak information;
(5) infections;
(6) there are loopholes in the system attacks his own people.
(7) the malicious hacker attacks.
Below we take a look at what kind of a more effective means to prevent attacks.
1. Inspect local shared resources
Net share CMD importation operation, to see if there are abnormal sharing, then it could be shut down. But sometimes you share closed at the next boot has emerged, then you should consider, whether your machine has been controlled by the hackers, or of a virus.
2. Delete sharing (each entry a)
Net share admin $ / delete
Net share c $ / delete
Net share d $ / delete (if any e, f,…… can continue to delete)
3. Delete ipc $ air link
Enter regedit in the operation, in the registry found in the HKEY-LOCAL_MACHINESYSTEMCurrentControSetControlLSA name RestrictAnonymous Numerical Numerical data from 0 to 1.
4. Closed its 139 ports, and the RPC flaw Ipc this existence
Close 139 port is "network and dial-up connections," "local connection" select "Internet Protocol (TCP / IP)" attributes, enter "Senior TCP / IP settings" "WinS settings," there are a "Prohibited TCP / IP NETBIOS "check on the closure of 139 ports.
5. Prevent loopholes Rpc
Open management tools - services - to find RPC (Remote Procedure Call (RPC) Locator) - Fault Recovery will be the first one failed, the second failure, failure of follow-up, are not set up to operate.
Windwos XP SP2 and Windows2000 Pro Sp4, is not the existence of the loophole.
6.445 port closure
Modify the registry, add a key value HKEY_LOCAL_MACHINE \ System \ CurrentControlSet \ Services \ NetBT \ Parameters window in the right side for the establishment of a SMBDeviceEnabled REG_DWORD type keys on the ok for such a 0.
7.3389 closure
WindowsXP: my computer right at the election attribute -> range, and will be inside the Remote Assistance and Remote Desktop two options box to remove the hook.
Win2000server Start -> procedure -> Management Tools -> Terminal Services found service of the service, select Properties options will be activated manually type of change, and to stop the service. (This method applies equally in XP)
Use Windows2000 Pro friends attention, there are many articles on the network Win2000pro said in the beginning -> Settings -> Control Panel -> Management Tools -> Terminal Services found service of the service, the selected option will activate the attribute type changed manually, and to stop the service can be shut down 3389, in fact, in 2000 there is no pro Terminal Services.
8.4899 precautions
There are many network on the 3389 and the 4899 invasion of methods. 4899 is a remote control software to open-port services, as these powerful control software, often used by hackers to control their own chickens, Arts饫Ai-funded so strata Basha times to save spring-funded Qiang Zhu group linked hit vomit?
4899 is not like 3389, the system comes with the service. Need to install themselves, but also need to upload to the server and run the computer invasion of services in order to achieve the purpose of control.
Therefore, as long as your computer do the basic security configuration, hackers, it is very difficult to control through 4899 you.
9, disable services
Open the Control Panel, access to management tools - services, closed the following services:
1.Alerter [notify selected users and computer management alerts]
2.ClipBook Enable "Show scrapbook of" storing information sharing with remote computers]
3.Distributed File System [decentralized file-sharing will be consolidated into one logical name, shared out, after the closure of a remote computer without
Law access to a shared
4.Distributed Link Tracking Server [LAN distributed application link]
5.Human Interface Device Access [opening of the Human Interface Device (HID), universal input visits]
6.IMAPI CD-Burning COM Service [Management CD recording]
7.Indexing Service [provide local or remote computer document indexing the contents and attributes, leaking information]
8.Kerberos Key Distribution Center [network license agreement Login]
9.License Logging [surveillance IIS and SQL If you do not install IIS and SQL because it will stop]
10.Messenger [alarm]
11.NetMeeting Remote Desktop Sharing [netmeeting to remain customer information collection]
12.Network DDE [in the same computer or on different computer operating procedures provide dynamic data exchange]
13.Network DDE DSDM [Management Dynamic Data Exchange (DDE) network shares]
14.Print Spooler [printers, the printer did not banning it]
15.Remote Desktop Help & nbsp; Session Manager [remote management and control assistance]
16.Remote Registry [so that the remote computer users to amend local registry]
17.Routing and Remote Access [in the LAN and WAN to provide routing services. Routing services for hackers to spy registration information]
18.Server [support this network through the computer file, print, and named pipe sharing]
19.Special Administration Console Helper [allows administrators use of emergency management services Remote Access command line prompt]
20.TCP/IPNetBIOS Helper [to provide TCP / IP services on NetBIOS and network client NetBIOS name resolution Support
而使users to share a file, print and login to the network]
21.Telnet [allow a remote user computer and run a program here]
22.Terminal Services [interactive mode allows users to connect to remote computers]
23.Window s Image Acquisition (WIA) [photographic services, applications and digital cameras] |
