Tips for making the system faster and safer

  
        To prevent network security, we need to block the common gaps in hackers, starting with barring ports and disabling services. A

, disable unnecessary ports and protocols

port is a logical interface and an external computer connected to the network, a first barrier, is a computer, the port configuration is correct or not directly affect our Host security. In general, it is safer to just open the ports you need to use, but turning off the ports means reducing functionality, so we need to balance some of the security and functionality. For those features that we don't need at all, there is no need to open the port to the hacker, so as an administrator, I close the protocols and ports that are not commonly used.

When configuring the system protocol, all unnecessary protocols are deleted. For servers and hosts, it is usually sufficient to only install the TCP/IP protocol. Right click on "Network Neighborhood", select "Properties", then right click on "Local Area Connection" and select "Properties" to uninstall unnecessary protocols (Figure 1). NETBIOS is the source of many security flaws. For hosts that do not need to provide file and print sharing, you can also disable NETBIOS bound to TCP/IP protocol to avoid attacks against NETBIOS. Select [TCP/IP Protocol] → [Properties] → [Advanced], enter the "Advanced TCP /IP Settings" dialog box, select the "WINS" tab, check the "Disable NETBIOS on TCP /IP" item (Figure 2 ), close NETBiOS.
Figure 1
Figure 2
Of course, for the file and print sharing services ports 137, 138, 139 and 445, you can also use the following methods to close. Right click on "Network Neighborhood", select "Properties", select the "Advanced" menu of the "Network and Dial-up Connection" dialog box, select the "Advanced Settings" command, enter the Advanced Settings dialog box (Figure 3), the screen that appears The upper part of the selection selects the desired connection, and the lower part of the "File and Printer Sharing" item (keep empty selection) is disabled to disable these ports. FIG


three additional ports and protocols for restriction, the following methods may be employed: [Network Neighborhood] → [Properties] → [Local Area Connection] → [Properties] → [the Internet Protocol (TCP /IP )]→[Properties]→[Advanced]→[Options]→[TCP/IP Filter]→[Properties], check “Enable TCP/IP Filtering” to allow only the required TCP, UDP ports and protocols. However, for Windows 2000 port filtering, there is a bad feature: you can only specify which ports to open, and you can't specify which ports to close. This is painful for users who need to open a large number of ports, and port filtering sometimes blocks legitimate. The connection, which occupies too many resources, has some impact on the performance of the host. Therefore, port filtering is generally performed only on the gateway of the network boundary. This can be done on a general Windows host.

Second, disable unnecessary services

method to disable services: Go to Control Panel's "Administrative Tools", run "service" to enter the service interface, double-click the list on the right need to disable Service, in the General tab of the open service properties, "Startup Type" column, click the small triangle button to select "Disabled" (Figure 4), then click the [Stop] button, and finally OK. Disabling the service will not only make your system more secure, but also make the computer run faster.
Figure 4
Windows 2000 needs to disable some of the following services
Table 1
Win2003 system recommended to disable the service list
Table 2

Windows XP system recommended to disable the service list
Table 3

Copyright © Windows knowledge All Rights Reserved