Explain the system security countermeasures of Win2000

  
Because Win2000 is a multi-user operating system, hackers tend to choose it as their first target so that they can hide themselves during an attack. So, as a Win2000 user, how can we protect Win2000 through reasonable methods? Here I have collected and sorted out some measures for protecting Win2000 security, and I contribute them now in the hope that other users will continue to add to and refine them.

1. Back up the system in good time
In case the system stops running normally while in use, we should make a backup of the Win2000 system. It is best to back up the entire system right after completing the installation of Win2000. You can later verify the integrity of the system against this backup, and so see whether system files have been illegally modified. If a system file has been corrupted, you can also use the system backup to restore it to its normal state. When backing up, we can store the intact system information on a CD-ROM and then periodically compare the system with the contents of the CD to verify whether the integrity of the system has been compromised. If the security requirements are particularly demanding, you can make the disc bootable and perform the verification as part of the system boot process. As long as it can be booted from the CD, the system has not been destroyed.

2. Set the file system format to NTFS
When installing Win2000, choose a custom installation, select only the system components and services that the individual or organization requires, and cancel unused network services and protocols, because the more protocols and services are installed, the more ways intruders have to get in and the greater the potential security risk to the system. When selecting the Win2000 file system, choose NTFS to take full advantage of its security features.
NTFS can restrict which files each user may read and write in any folder on the disk, and the new disk quota service in Win2000 can also control the amount of disk space each user is allowed to use.

3. Encrypt files or folders
To prevent others from peeking at files on the system, we can use the encryption tools provided by Win2000 to protect files and folders. The steps are: in "Win Explorer", right-click the file or folder you want to encrypt, and then click "Attributes". Click "Advanced" on the "General" tab, then select the "Encrypt content to ensure data security" checkbox.

4. Remove the Everyone group from shared directories
By default, when a shared directory is added in Win2000, the operating system automatically adds the Everyone user group to its permissions. Because the default permission of this group is full control, anyone can read and write to the shared directory. Therefore, after creating a new shared directory, immediately delete the Everyone group or reduce the group's permission to read.

5. Create an emergency repair disk
If the system is accidentally damaged and cannot start normally, you need a dedicated Win2000 system boot disk, so we must remember to create an emergency repair disk after Win2000 is installed. To create it, we can use the Win2000 tool NTBACKUP.EXE. Run NTBACKUP.EXE, select "Create an Emergency Repair Disk" from the toolbar, insert a blank formatted floppy disk in the A: drive, and click "OK", then click "OK" again; when the completion message appears, click "OK". Note that the repair disk can no longer be used to restore user account information and the like; for that you must back up and restore Active Directory, which will be overwritten in the backup.

6. Improve the login server
Moving the system's login server to a separate machine increases the security level of the system.
Using a more secure login server instead of Win2000's own login tool can further improve security. In large Win2000 networks, it is best to use a separate login server dedicated to the login service. It must be a server system that satisfies all system login requirements and has enough disk space, and no other services should run on it. A more secure login server can greatly reduce an intruder's ability to tamper with log files through the login system.

7. Use the security mechanisms
Strictly design and manage the security rules of the Win2000 system. These mainly include "Password Rules", "Account Locking Rules", "User Rights Assignment Rules", "User Rules", "Rules" and "IP security rules". All users should be grouped according to their work needs; reasonable grouping of users is the most important basis for system security design. The security rules can be used to limit the validity period and length of user passwords, to set the number of failed logins after which the workstation is locked, and to effectively control users' backup of files and directories, shutdown, network access and other behaviors.

8. Track the system
To closely monitor hacker attack activity, we should enable Win2000 logging to record the running state of the system. When a hacker attacks the system, clues are recorded in the log file. For this reason, many hackers hide their traces by modifying the system's log files when they start attacking. We must therefore restrict access to log files and prohibit users with ordinary permissions from viewing them. The log manager built into the system may not be very powerful, so we should use a dedicated logging program to watch for suspicious repeated connection attempts. In addition, we must carefully protect the passwords and accounts with root privileges, because once a hacker knows these accounts, they can modify the log files to hide their tracks.
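
The "suspicious repeated connection attempts" that measure 8 asks a logging program to watch for can be found with a sliding-window count of failed logons per source. This is an added example, not part of the original article; the CSV layout, host names and thresholds are assumptions, the sample entries are constructed, and the entries are assumed to be in chronological order.

```python
import csv
import io
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample: Security log entries exported as CSV. The column layout
# (time, event ID, account, source workstation) is an assumption of this example.
# Event ID 529 is the Win2000 "unknown user name or bad password" logon failure;
# 528 is a successful logon.
SAMPLE_LOG = """\
2001-03-05 09:14:02,528,alice,WKS-ALICE
2001-03-05 23:40:11,529,administrator,WKS-LAB7
2001-03-05 23:40:19,529,administrator,WKS-LAB7
2001-03-05 23:40:26,529,admin,WKS-LAB7
2001-03-05 23:40:33,529,administrator,WKS-LAB7
2001-03-05 23:40:41,529,backup,WKS-LAB7
2001-03-06 08:58:47,529,bob,WKS-BOB
2001-03-06 08:59:03,528,bob,WKS-BOB
"""
FAILED_LOGON = "529"


def suspicious_sources(log_text, threshold=5, window=timedelta(minutes=5)):
    """Return {source: (burst_start, accounts_tried)} for each source with
    `threshold` or more failed logons inside a sliding `window`."""
    recent = defaultdict(deque)   # source -> recent (time, account) failures
    flagged = {}
    for row in csv.reader(io.StringIO(log_text)):
        if len(row) != 4 or row[1] != FAILED_LOGON:
            continue              # skip malformed rows and other event types
        when, _event_id, account, source = row
        stamp = datetime.strptime(when, "%Y-%m-%d %H:%M:%S")
        failures = recent[source]
        failures.append((stamp, account.lower()))
        # Drop failures that have fallen out of the sliding window.
        while stamp - failures[0][0] > window:
            failures.popleft()
        if len(failures) >= threshold and source not in flagged:
            accounts = sorted({name for _, name in failures})
            flagged[source] = (failures[0][0], accounts)
    return flagged


if __name__ == "__main__":
    for source, (start, accounts) in suspicious_sources(SAMPLE_LOG).items():
        print(f"{source}: burst from {start}, accounts tried: {accounts}")
```

A single mistyped password followed by a successful logon (WKS-BOB in the sample) stays below the threshold, while the burst against several privileged-sounding account names from one workstation is flagged.
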

9. Use login scripts
Develop system policies and user login scripts to appropriately limit the behavior of network users. We can use the system policy editor and user login scripts to set up the user's working environment, control what the user can do on the desktop, control which programs the user can execute, and control when and where the user can log in (for example, allowing users to log in only during working hours and only on their own office machines, and refusing all other access). Taking these measures further enhances the security of the system.

10. Check system information often
If you suddenly feel during work that the computer is not behaving normally, as if someone were controlling it from a remote location, stop working at once and immediately press Ctrl+Alt+Del to see whether the system is running any other programs. If you find an unexplained program running, stop it immediately so that it does not pose a greater threat to the entire computer system. However, not all programs appear in the program list when they run. Some programs, such as Back Orifice (a hacker's backdoor), do not appear in the process list shown by the Ctrl+Alt+Del key combination. It is best to run "Accessories"/"System Tools"/"System Information", double-click "Software Environment", select "Run Tasks", and look in the task list for a program that you are not familiar with or did not start. Once such a program is found, it should be terminated immediately to prevent future problems.

11. Be wary of virus attacks
Viruses now spread faster and faster over the Internet. To avoid becoming infected, do not visit illegal websites from Win2000, and do not rush to download and run programs.
For example, if you receive an e-mail with an attachment and the attachment is a file with the extension EXE, do not run it casually, because a program of unknown origin may be a system destruction program. Attackers often send such programs by e-mail under a deceptive subject, with lies such as "This thing will surprise you" or "Help me test this program". You must be vigilant! The right way to treat these seemingly friendly, well-meaning e-mail attachments is to delete such unidentified files immediately.

12. Set system security parameters
Make full use of the local security features of the NTFS file system: design the read, write and access permissions of files and directories, and group the users. Grant deny-access, read and change permissions to different groups of users, and in general grant only the minimum directory and file permissions required. Take special care when granting full control. For network resource sharing, design the file system's network share permissions, and never grant share permissions on files and directories that should not be shared. For files and directories that can be shared, grant different groups and users access denied, read, change or full control as appropriate.
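
The periodic comparison of the running system against the known-good backup described in measure 1 can be automated by hashing both trees and listing the differences. This is an added example, not part of the original article; the use of SHA-256, the function names and the sample file tree are assumptions, and the sample files are constructed.

```python
import hashlib
import os
import tempfile


def manifest(root):
    """Map each file's path relative to `root` to the SHA-256 of its contents."""
    digests = {}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(folder, name)
            with open(path, "rb") as fh:
                digest = hashlib.sha256(fh.read()).hexdigest()
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            digests[rel.lower()] = digest   # Windows names are case-insensitive
    return digests


def compare(baseline_root, live_root):
    """Return sorted lists (modified, missing, added) of relative paths."""
    base, live = manifest(baseline_root), manifest(live_root)
    modified = sorted(p for p in base if p in live and base[p] != live[p])
    missing = sorted(p for p in base if p not in live)
    added = sorted(p for p in live if p not in base)
    return modified, missing, added


def demo():
    """Constructed sample: a small 'backup' tree and a tampered 'live' copy."""
    files = {"system32/kernel32.dll": b"original-1",
             "system32/drivers/etc/hosts": b"127.0.0.1 localhost\n",
             "notepad.exe": b"original-2"}
    with tempfile.TemporaryDirectory() as tmp:
        backup, live = os.path.join(tmp, "backup"), os.path.join(tmp, "live")
        for root in (backup, live):
            for rel, data in files.items():
                full = os.path.join(root, rel)
                os.makedirs(os.path.dirname(full), exist_ok=True)
                with open(full, "wb") as fh:
                    fh.write(data)
        # Simulate tampering on the live system.
        with open(os.path.join(live, "notepad.exe"), "wb") as fh:
            fh.write(b"replaced")
        os.remove(os.path.join(live, "system32/drivers/etc/hosts"))
        with open(os.path.join(live, "system32/unknown.exe"), "wb") as fh:
            fh.write(b"dropped")
        return compare(backup, live)


if __name__ == "__main__":
    print(demo())
```

The comparison is only as trustworthy as the baseline, which is why the article keeps it on read-only CD media rather than on the disk being checked.
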