Making Windows 2008 system status changes transparent

  

As the saying goes, "Know yourself and know your enemy, and you will never be defeated." Only by fully understanding the state changes of the system itself can we tailor a security defense plan for it and keep it running safely and stably. Checking the status of every aspect of a system sometimes requires professional tools, but on Windows Server 2008 we can make full use of the system's own built-in commands to see how the state of each aspect of the system has changed.


To make a Windows Server 2008 system run more efficiently, we often manually shut down system services that are not needed for the time being, to save as many valuable system resources as possible. However, because many of the service options in the system are unfamiliar, manually modifying system services is likely to cause unexplained failures in the Windows Server 2008 system. For example, a friend used a professional optimization tool on Windows Server 2008 and, after the system was optimized, found that the printer could no longer work normally. How can we quickly find out which system services have changed in the current system? Windows Server 2008 comes with the "sc query" command, which lets us quickly view the working status of all services in the system. To find the system services whose working status has changed, follow the steps below:

First, back up the status information of the system services on the local computer while they are in their normal state, before the system is optimized. To do this, click "Start" / "Programs" / "Accessories" on the Windows Server 2008 desktop, select "Command Prompt" from the "Accessories" submenu that appears, right-click it, and choose "Run as administrator" from the shortcut menu to switch to the DOS command line;

At the DOS command line prompt, enter the command "sc query >d:\aaa.txt" and press Enter. When the command returns to the prompt, the service status information of the Windows Server 2008 system during normal operation has been saved to the "d:\aaa.txt" file;

Later, if an unexplained failure occurs after we use a professional tool to optimize the services of the Windows Server 2008 system, we only need to run the command "sc query >d:\bbb.txt" at the DOS command line prompt, so that the service status information after optimization is saved to the "d:\bbb.txt" file;

Next, run the command "fc d:\aaa.txt d:\bbb.txt" in the MS-DOS window to compare the "d:\aaa.txt" file with the "d:\bbb.txt" file using the fc command built into Windows Server 2008. From the comparison we can quickly see which service status changes are behind the unexplained behavior. For example, if the printer worked properly before the services were optimized and stopped working afterwards, the steps above will quickly show that the status of the system's background print service has changed. We then only need to open the service list window of the system, find the background printing service, open its property settings window, and restart the service normally to solve the problem of the printer not working.

In addition to using the "sc query" command to export system service status information, this operation can also be done through the "net start" command.
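fc reports differing lines, which leaves the reader to work out which service each line belongs to. The following PowerShell code is an added example, not part of the original article: it parses two "sc query" snapshots and lists only the services whose state differs. The sample snapshots and the service name UpdaterSvc are constructed, and they assume the snapshots were taken with "sc query state= all"; plain "sc query" lists only active services, so a service that has been stopped would show as NOT LISTED instead of STOPPED.

```powershell
# Added example (PowerShell 2.0+): semantic diff of two "sc query" snapshots.

# Turn "sc query" text into a hashtable of service name -> state name.
function ConvertFrom-ScQuery {
    param([string[]]$Lines)
    $services = @{}
    $name = $null
    foreach ($line in $Lines) {
        if ($line -match '^\s*SERVICE_NAME:\s*(.+?)\s*$') {
            $name = $Matches[1]
        } elseif ($name -and $line -match '^\s*STATE\s*:\s*\d+\s+(\S+)') {
            $services[$name] = $Matches[1]   # e.g. RUNNING, STOPPED
            $name = $null
        }
    }
    return $services
}

# List services that appeared, disappeared or changed state.
function Compare-ServiceSnapshot {
    param([hashtable]$Before, [hashtable]$After)
    $names = @($Before.Keys) + @($After.Keys) | Sort-Object -Unique
    foreach ($n in $names) {
        $old = if ($Before.ContainsKey($n)) { $Before[$n] } else { 'NOT LISTED' }
        $new = if ($After.ContainsKey($n))  { $After[$n] }  else { 'NOT LISTED' }
        if ($old -ne $new) {
            New-Object PSObject -Property @{ Service = $n; Before = $old; After = $new } |
                Select-Object Service, Before, After
        }
    }
}

# Constructed, trimmed sample snapshots; on a real host use
#   Get-Content d:\aaa.txt  and  Get-Content d:\bbb.txt
$baseline = @'
SERVICE_NAME: Dhcp
        STATE              : 4  RUNNING
SERVICE_NAME: Spooler
        STATE              : 4  RUNNING
'@ -split "`r?`n"
$current = @'
SERVICE_NAME: Dhcp
        STATE              : 4  RUNNING
SERVICE_NAME: Spooler
        STATE              : 1  STOPPED
SERVICE_NAME: UpdaterSvc
        STATE              : 4  RUNNING
'@ -split "`r?`n"

Compare-ServiceSnapshot (ConvertFrom-ScQuery $baseline) (ConvertFrom-ScQuery $current)
```

With the sample data this reports Spooler going from RUNNING to STOPPED and UpdaterSvc going from NOT LISTED to RUNNING, while the unchanged Dhcp service is omitted.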


We know that many popular Trojans and virus programs try to "disguise" themselves as system auto-start items so that they run automatically whenever Windows starts. Monitoring changes to the system startup items in a timely way therefore helps us protect the security of the computer system. On Windows Server 2008 we can use the system's own "wmic" command to record the status information of all auto-start items in the system. When the system later behaves abnormally, we record the status information of the auto-start items again and compare the two records with the Windows Server 2008 fc command, which quickly shows how the startup items have changed. Before the startup items of the Windows Server 2008 system change, we must first back up the startup items while the system is in its normal state. The specific backup procedure is as follows:

First, following the earlier steps, open the MS-DOS window of the Windows Server 2008 system as an administrator. At the command prompt of the window, enter the command "wmic" and press Enter; the system command prompt automatically changes to "wmic:root\cli>".

Next, at that prompt, enter the command "startup list brief > c:\aaa.txt" and press Enter. All the auto-start items of the Windows Server 2008 system are then saved automatically to the "c:\aaa.txt" file.

If we suspect that the auto-start items of the Windows Server 2008 system have been changed by Trojans or viruses, we can save the auto-start items after the failure to the "c:\bbb.txt" file in the same way. Next, we run the command "fc c:\aaa.txt c:\bbb.txt" in the MS-DOS window to compare the "c:\aaa.txt" file with the "c:\bbb.txt" file using the fc command that comes with Windows Server 2008. From the comparison we can quickly find out which new startup items have been added to the Windows Server 2008 system.

Similarly, we can run the command "process list brief" at the "wmic:root\cli>" prompt to observe the status information of all processes in the system, or back up the process status information so that it can be checked and compared when the system behaves unexpectedly in the future. This comparison also helps us determine whether the Windows Server 2008 system has been attacked by Trojans or virus programs.
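The startup-item comparison described above can also be done on structured records instead of text files. The following PowerShell code is an added example, not part of the original article: it reads Win32_StartupCommand, the WMI class behind the wmic "startup" alias, and reports entries that were added or removed relative to a baseline. The sample entries, the file name c:\startup-before.csv and the function names are constructed for illustration.

```powershell
# Added example (PowerShell 2.0+): compare auto-start entries with a baseline.

# Read the WMI class behind the wmic "startup" alias.
function Get-StartupSnapshot {
    Get-WmiObject -Class Win32_StartupCommand |
        Select-Object Caption, Command, Location, User
}

# Entries only in the baseline are "Removed", entries only in the later
# snapshot are "Added"; a changed command line yields one row of each.
function Compare-StartupSnapshot {
    param([object[]]$Before, [object[]]$After)
    $props  = 'Caption', 'Command', 'Location', 'User'
    $change = @{ Name = 'Change'; Expression = {
        if ($_.SideIndicator -eq '=>') { 'Added' } else { 'Removed' } } }
    Compare-Object -ReferenceObject $Before -DifferenceObject $After -Property $props |
        Select-Object $change, Caption, Command, Location, User
}

# Constructed sample snapshots. On a real host, save each snapshot with
#   Get-StartupSnapshot | Export-Csv c:\startup-before.csv -NoTypeInformation
# and load both files with Import-Csv (file names are placeholders).
$run = 'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
$before = @(
    "Caption,Command,Location,User"
    "BackupAgent,C:\Tools\agent.exe,$run,Public"
) | ConvertFrom-Csv
$after = @(
    "Caption,Command,Location,User"
    "BackupAgent,C:\Tools\agent.exe /quiet,$run,Public"
    "helper,C:\Users\Public\helper.exe,$run,Public"
) | ConvertFrom-Csv

Compare-StartupSnapshot $before $after | Format-Table -AutoSize
```

Loading both snapshots from CSV keeps every field a string on both sides, so empty values do not produce false differences.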