Windows users get rid of hacker attacks (1)

When you go online, you often find that your network firewall is constantly alerting. Experts tell you that this may be a hacker attack. Is there any way to get rid of these unsolicited hackers?

First, cancel the folder hidden share

If you use Windows 2000/XP system, right click on the C drive or other disk, select share, you will be surprised to find that it has been set To "share this folder", but not in "My Network Places", what is going on?

Originally, by default, Windows 2000/XP will open the hidden share of all partitions, select "System Tools /Shared Folders /Sharing" from the "Control Panel /Administrative Tools /Computer Management" window, You can see that each partition name on the hard disk is followed by a "$". But just type "computer name or IPC$", the system will ask for the username and password, unfortunately, most of the individual user system administrator password is empty, the intruder can easily see the contents of the C drive, this gives the network Safety brings great hidden dangers.

How to eliminate the default share? The method is very simple, open the registry editor, go to "HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControl\\SetSevices\\Lanman\\workstation
\\parameters", create a new double-byte value named "AutoShareWKs", and set its value to " 0", then restart the computer so the sharing is cancelled.

Second, reject malicious code

Malicious web pages have become one of the biggest threats to broadband. I used Modem before, because the speed of opening a webpage is slow, and the malicious webpage is closed before it is completely opened, and the possibility of avoiding the trick is avoided. Now that broadband is so fast, it is easy to be attacked by malicious web pages.

General malicious web pages are destructive because they are added to malicious code. These malicious code is equivalent to some small programs, as long as the page is opened, it will be run. So to avoid malicious web attacks, just disable the running of these malicious code.

Run IE browser, click "Tools/Internet Options/Security/Custom Level", define the security level as "Security Level-High", and the second and third items in "ActiveX Controls and Plugins" Set to "disabled", other items set to "prompt", then click "OK". After this setting, when you use IE to browse the web, you can effectively avoid malicious code attacks on malicious web pages.

Three, the "back door" of the hacker is blocked

As the saying goes, "No wind can not afford the wave", since the hacker can enter, it means that the system must have a "back door" for them, as long as the back door is blocked. Let the hacker have nowhere to start, there is no worries!

1. Delete unnecessary protocols

For the server and the host, generally only the TCP/IP protocol is sufficient. Right click on "Network Neighborhood", select "Properties", then right click on "Local Area Connection" and select "Properties" to uninstall unnecessary protocols. NETBIOS is the root cause of many security flaws. For hosts that do not need to provide file and print sharing, you can also disable NETBIOS bound to TCP/IP protocol to avoid attacks against NETBIOS. Select "TCP/IP Protocol/Properties/Advanced", enter the "Advanced TCP/IP Settings" dialog box, select the "WINS" tab, check the "Disable NETBIOS over TCP/IP" item, and close NETBIOS.

2. Turn off "File and Print Sharing"

File and print sharing should be a very useful feature, but it is also a good security hole for hacking when you don't need it. So in the absence of "file and print sharing", we can turn it off. Right-click on "Network Neighborhood", select "Properties", and then click the "File and Print Sharing" button to remove the hooks from the two check boxes in the "File and Print Sharing" dialog box that pops up.

Although "File and Print Sharing" is turned off, it is not guaranteed to be secure, and the registry is also modified to prevent it from changing "File and Print Sharing". Open the registry editor, select the "HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\NetWork" primary key, and create a new DWORD type key under the primary key. The key name is "NoFileSharingControl" and the key value is set to "1". Indicates that this function is disabled, so that the purpose of changing the "File and Print Sharing" is prohibited; a key value of "0" indicates that this function is allowed. This way, "File and Print Sharing" disappears in the "Network Neighborhood" Properties dialog box.

3.Disabling the Guest Account

There are a lot of intrusions to get the administrator password or permission through this account. If you don't want to give your computer a toy, it's forbidden. Open the Control Panel, double-click User and Password, click the Advanced tab, and then click the Advanced button to bring up the Local Users and Groups window. Right click on the Guest account, select Properties, and select "Account is disabled" on the "General" page. In addition, changing the name of the Administrator account can prevent hackers from knowing their own administrator account, which will largely guarantee the security of the computer.

4. It is forbidden to establish an empty connection

By default, any user can connect to the server through an empty connection, enumerate the account and guess the password. Therefore, we must prohibit the establishment of an empty connection. There are two methods:

Method 1 is to modify the registry: Open the registry "HKEY_LOCAL_MACHINE\\System\\CurrentControl\\SetControl\\LSA" and change the key value of the DWORD value "Restrict Anonymous" to "1". can.