Detailed description of Win2008's powerful security features

Windows Server 2008 has been launched for many years. Compared with other traditional systems, Windows Server 2008 is indeed more powerful in terms of security protection, in terms of security and stability. Deeply loved by users. Therefore, we only need to be good at using the security features of this system, we can achieve security protection goals well. Now let's talk about the powerful security protection function of Windows Server 2008.

1. Limit the use of Thunder for malicious downloads

When multiple people use the same computer to work together, it is definitely not desirable for ordinary users to use Thunderbolt tools for malicious downloads. The disk space resources of the local system are wasted, and the bandwidth resources of the local system are also greatly consumed. In the Windows Server 2008 system environment, there are many ways to restrict ordinary users from using Thunderbolt tools for malicious downloads. For example, you can use the new advanced security firewall function of Windows Server 2008 system, or limit the download port to achieve the above control. Purpose, in fact, in addition to these methods, we can also skillfully use the system's software restriction strategy to achieve this goal, the following is the specific implementation steps of the method:

First login to Windows with system administrator privileges Server 2008 system, open the system's "Start" menu, select the "Run" command from the system, in the pop-up system run text box, enter the "gpedit.msc" keyword command to enter the corresponding system group Policy Console window;

Next, at the left side of the console window, select “Computer Configuration”/“Windows Settings”/“Security Settings”/“Software Restrictions Strategy & rdquo; option while right-clicking on the option and executing the shortcut In the "Create Software Restriction Policy" command;

Then in the corresponding area of ​​the "Software Restriction Policy" option, double-click the "Force" group policy item to open the settings dialog. In the box, select the “All users except local administrators” option, and keep the default settings. Click the “OK” button to end the above setting operation;

Software restriction policy & rdquo; under the node "Other rules" option, then right-click the group policy option, from the pop-up shortcut menu, click the "New Path Rule" command, the settings that appear after it In the dialog box, click the “Browse” button to select the Thunder download program, and set the “Security Level” parameter corresponding to the application to “Don't Allow”, and finally click the “OK” button to execute. Parameter setting save operation;

Restart Windows Server 2008 system, when the user logs in to the system with normal rights account Ordinary users can not use normal Thunder malicious program downloaded, but when we enter the local computer system to a system administrator, you can still run properly Thunder program free to download.

2, refused to hide the network virus in temporary files

Now the virus on the Internet is crazy, some network viruses in order to avoid the killing of anti-virus software, often try to find ways I hide myself in the system temporary folder, so that even if the anti-virus software finds a network virus, it can't help it, because the anti-virus software has no right to the system temporary folder. In order to prevent network viruses from being hidden in the system temporary folder, we can set the software restriction policy of Windows Server 2008 system according to the following operations:

First open the Windows Server 2008 system "Start” menu, from the midpoint Select the "Run" command, in the pop-up system run dialog box, enter the group policy edit command "gpedit.msc", click the "OK" button to enter the corresponding system's Group Policy console window; Br>

Next, at the left side of the console window, select “Computer Configuration”/“Windows Settings”/“Security Settings”/“Software Restriction Policies”/“ Other rules & rdquo; option, right-click this option, and execute the "New Path Rule" command in the shortcut menu to open the settings dialog; click on the "Browse" button to pop up the file from In the selection dialog box, select and import the temporary folder of the Windows Server 2008 system, and then set the security level & rdquo; parameter & Ldquo; & rdquo ;, finally allowed to click & ldquo; OK & rdquo; button to save the good operation of the set, so to network viruses in the future can not hide the file to a temporary folder in the system.

3, prohibit illegal ping attacks from the external network

We know that clever use of the Windows system's own ping command, you can quickly determine the network connectivity of an important computer in the LAN; However, while the ping command brings us practicality, it is also easily exploited by some malicious users. For example, if a malicious user continuously sends a ping command test package to an important computer by means of a professional tool, the important computer system cannot test all the tests. The package responds, which is prone to paralysis. In order to ensure the stability of the Windows Server 2008 server system, we can modify the group policy parameters of the system to prohibit illegal ping attacks from the external network:

First login to the Windows Server 2008 server system as a privileged identity, Click the “Start”/“Run” command on the desktop of the system. In the pop-up system running dialog box, enter the string command <;gpedit.msc”, click the Enter key to enter the corresponding The console window of the system;

Next select the "Computer Configuration" node option in the list on the left side of the console, and select "Windows Settings" and "Security Settings" from the target node. ”,“Advanced Security Windows Firewall>,“Advanced Security Windows Firewall——Local Group Policy Object”option, then use the mouse to select the "inbound rule" item; 12 next page total 2 pages