1. General security protection
The so-called "regular security protection" is the same as Windows 98 to install anti-virus software, upgrade system, prohibit Ping three security methods. It should be emphasized that Windows XP, like its predecessor, Windows 2000, has numerous loopholes. The upgrade of the system cannot be as sloppy as Windows 98. In addition to installing Microsoft's vulnerability patch for "Blast Wave", it is recommended to upgrade Windows XP to The latest Service Pack 1 (improved resources will be increased after the upgrade, but the security and stability have improved).
2. Disabling Remote Assistance and Blocking Idle Ports
On Windows XP, there is a feature called “Remote Assistance” that allows users to send remote assistance invitations to friends on MSN when they have difficulty using the computer. To help solve the problem yourself.
And this "Remote Assistance" function is exactly the expression of the RPC (Remote Procedure Call) service that the virus is attacking on Windows XP. Users are advised not to use this feature, and should also install the RPC vulnerability tool provided by Microsoft and the "shock wave" immunization program before use. The method of disabling "Remote Assistance" is to open the System Properties dialog box (right click "My Computer", "Attributes"), remove it from the "Remote" item and allow it to be sent from this computer. Remote Assistance Invitation & rdquo; in front of “√”.
The port can be restricted using the "TCP/IP Filtering Service" that comes with the system. Here's how: Right click on the "Network Connections" button and select "Properties" to open the "Network Connection Properties" dialog box. In the "General" category, select the Internet Protocol (TCP). /IP)” Then click the [Properties] button below, in the "Internet Protocol (TCP/IP) Properties" window, click the [Advanced] button below, in the pop-up "Advanced TCP/IP Settings" In the window, select the "Options" option, click the [Properties] button below, and finally pop up the "TCP/IP Filter" window. Add the "Allow only" radio box in the window. "TCP", "UDP", "UDP", and other network ports allowed by the network protocol (Figure 1), without providing various services, you can block all ports. This is the best form of security.
Figure 1
3. Disabling Terminal Services Remote Control
"Terminal Services" is a form of service left over by Windows XP on Windows 2000 (Windows 2000 uses this service for remote server hosting). Users can use the terminal to achieve remote control. “Terminal Services” and “Remote Assistance” are different. Although they all implement remote control, Terminal Services pays more attention to the user's login management rights. Each connection requires a specific login of the current system. ID, and isolated from each other, "Terminal Services" is independent of the invitation of the current computer user, and can log in to the remote computer independently and freely.
Under Windows XP, "Terminal Services" is opened by default (Windows 2000 system needs to install the corresponding components before you can open and use Terminal Services). That is, if anyone knows you A user login ID on the computer, and knowing the IP of the computer, it gives you complete control over your computer.
To turn off “Terminal Services in Windows XP, follow these steps: Right-click "My Computer", "Attributes", select "Remote", remove “Allow Users can connect to this computer remotely & rdquo; in front of “√”
4. Closing the Messenger Service
The Messenger service is a communications component that Microsoft integrates into Windows XP. It is also turned on by default. When using it to send information, as long as you know the IP of the other party, and then enter the text, the corresponding text message window will pop up on the other party's desktop, and will be accepted if the Messenger service is not closed.
Many users don't know how to turn it off, but they are harassed by information. In fact, the method is very simple, enter the "Control Panel", select "Administrative Tools", start the "Services" item, then right click on the Messenger item, select “ Stop & rdquo; figure 2).
Figure 2
5. Prevent IPC default sharing
Windows XP allows any user to get all account and share lists of the system through the empty user connection (IPC$) after the default installation. This is to facilitate LAN users to share resources and files, but any A remote user can use this empty connection to get a list of your users. Hackers use this feature to find a list of users on the system and use some dictionary tools to attack the system. This is the more popular IPC attack on the Internet.
To prevent IPC attacks, you should start with the default configuration of the system. You can make up the vulnerability by modifying the registry:
Step 1: Set the RestrictAnonymous item of HKEY_LOCAL _MACHINESYSTEMCurrentControlSetControlLSA to “1”, You can disable empty user connections.
Step 2: Open the HKEY_LOCAL_MACHINESYSTEMCurrentControlSet Services LanmanServerParameters entry in the registry.
For the server, add the key value “AutoShareServer”, type is “REG_DWORD”, the value is “0”.
For the client, add the key value “AutoShareWks”, type is “REG_DWORD”, the value is “0”.
6. Rational management of the Administrator
Windows 2000/XP system, the system will create an Administrator user by default, it has the highest management rights of the computer. Some users did not set a password for the Administrator user at the time of installation. Hackers use this to log in to the other computer using an advanced user. Therefore, individual users should properly keep the “Administrator” user information. When Windows 2000 logs in, it is required to enter the login password of the Administrator user. After Windows XP is started normally, the Administrator user cannot be seen. It is recommended that users using Windows XP enter. In the security mode, add the password for the Administrator user in the “User Account” section of the “Control Panel” or delete it to avoid potential hazards.
For the security protection of personal operating system, I will introduce Windows 98 and Windows XP. As for Windows 2000, because it has Professional and Server versions, the two versions of Windows 2000 are similar to Windows XP. Windows 2003, here is not a separate introduction, the following is the Windows 2003 and Linux systems for the server.
3. The last step Change the IE cache location to the virtual hard disk, as shown in the figure 1.
Although an absolutely secure password does not exist, a relatively secure password is still availab
I mentioned that the installation of XP system is familiar to everyone, this system with the highest
CBox is the client software of China Internet TV. It can play the latest Internet TV. The clarity an
Win XP system recovery needs to pay attention to the thirteen major aspects
Clearly understand the most basic system processes of system process
Talking about how computers can resist the invasion of MP3 virus
The Windows XP operating system also plays automatic login
Get out of the mistakes and poke the classic rumors of Windows XP
How to cancel the WinXP system boot automatic scan disk function?
Solve the problem of NTLDR loss
Detailed win xp system stop operation error number
System administrator essential Ten Windows Server Tools (2)
Which methods can guarantee the security of XP remote control?
Windows7 system can not open the registry
Win8 software makes money and it is very simple
Win8.1 mouse left click to change double click how to fix?
WinXP Tutorial: Two Steps to Repel Piracy Win XP Warning
Mysql installation considerations, five reasons for installation failure
GhostWin7 system installation error prompt a destination volum how to solve?
Use of svn command under linux