In order to better meet the needs of enterprise users, Microsoft introduced a large number of storage, network access, security and other functions in Windows 7 Enterprise /Ultimate and Windows Server 2008 R2, becoming a new tool for enterprise applications, but the security of win7 Sex still needs to be further improved. With the popularity of the Internet, viruses and Trojans and other malicious programs are spreading faster and faster. Once you are recruited, it is easy to cause system collapse or personal privacy disclosure. If the virus or Trojan is aimed at monetary interests, the harm will be even more serious, which may result in the loss of property. This problem exists in Windows 7 (hereafter referred to as Win7). Therefore, in order to ensure system security, it is particularly important to perform targeted security optimization on Windows 7 systems.
Close the default share Block the back door of the system
Like XP and Vista, Win7 also enables network sharing by default (as shown in Figure 1). Although this makes LAN sharing more convenient, it also creates conditions for virus transmission. Therefore, turning off the default share can greatly reduce the probability of the system being infected by a virus.
Open the Rubik's Cube, click & ldquo; System Optimization & Rarr; Network Sharing & rdquo; will "forbid the default management sharing and disk partition sharing", select, click "Save Settings", restart the computer, this time will not pass The default shared access system (as shown in Figure 2). If you don't want to turn off all default shares at once, the cube also provides the ability to turn off a single default share. In the previous interface, select “default share"point"refresh", you can see the current system's default share list, select the default share that you don't need, click “Clear Share”, save the settings and restart the computer. The selected default share will be closed.
In addition, the Rubik's Cube also provides the "Restricted IPC$ remote default sharing", "Allow the inter-process communication IPC$ empty connection", etc., which can effectively improve the system security settings, it is recommended to enable all.
Modify Group Policy Reinforced System Registry
is the same as XP and Vista. Win7 still has a very high risk path for remote access to the registry. Setting the path to the remotely accessible registry to null can effectively prevent hackers from using the scanner to read Win7 system information and other information through the remote registry.
Open the control panel, select “Administrative Tools", double-click “Local Security Policy", turn on “Local Policies→Security Options", find on the right side "Network Access: Remote Access Registry path & rdquo; & network access: remote access to the registry path and sub-paths, double-click to open, delete the registry path in the window (as shown in Figure 3).
Lock important functions to prevent virus theft
Some commonly used and high-privileged functions in the system, such as command line programs, batch files, registry editors, etc., are often used by viruses and other malicious software to become an intrusion system. "The accomplice". These programs are not commonly used as ordinary users. Therefore, disabling these functions can effectively strengthen the system and ensure the security of daily applications.
Open the Rubik's Cube, select “Security Optimization & Rarr; System Security Settings Recommended to select “Disable Management Console (MMC) Plugin"," prohibit execution of autoexec.bat file”, “ prohibit registration Table editing & rdquo;, & ldquo; prohibit importing .reg registry file & rdquo;, & nbsp; disable command line program and batch file & rdquo; several items, save the settings and restart the computer, you can complete the settings.