Six strategies make XP operating system more secure

Since the launch of Microsoft, the WinXP system has quickly captured a bunch of system users with a beautiful interface, coupled with its stability and powerful network functions, it is highly respected by users. However, in the process of using, users gradually discover that although the XP interface is beautiful and stable, the security problems on the system cannot be prevented by our users. So, how to set up a safe operating environment under XP system?

A: General security protection

The so-called "regular security protection" is to install the same anti-virus as Windows98. Software, upgrade system, prohibit Ping three security methods. It should be emphasized that Windows XP, like its predecessor, Windows 2000, has numerous loopholes. The upgrade of the system cannot be as sloppy as Windows98. In addition to installing Microsoft's vulnerability patch for "Blast Wave", it is recommended to upgrade WindowsXP to the latest ServicePack1 ( After the upgrade, the resource possession will be increased, but the security and stability will be improved).

2: Disable remote assistance, block idle ports

There is a feature called "Remote Assistance" on Windows XP that allows users to use MSN when they have difficulty using the computer. The friend on the topic sends a remote assistance invitation to help solve the problem.

And this "Remote Assistance" function is exactly the behavior of the RPC (RemoteProcedureCall) service that the virus is attacking on Windows XP. Users are advised not to use this feature, and should also install the RPC vulnerability tool provided by Microsoft and the "shock wave" immunization program before use. The method of disabling "Remote Assistance" is to open the System Properties dialog box (right click "My Computer", "Attributes"), remove it from the "Remote" item and allow it to be sent from this computer. Remote Assistance Invitation & rdquo; in front of “√”.

The port can be restricted using the "TCP/IP Filtering Service" that comes with the system. Here's how: Right click on the "Network Connections" button and select "Properties" to open the "Network Connection Properties" dialog box. In the "General" category, select the Internet Protocol (TCP). /IP)” Then click the [Properties] button below, in the "Internet Protocol (TCP/IP) Properties" window, click the [Advanced] button below, in the pop-up "Advanced TCP/IP Settings" In the window, select the "Options" option, click the [Properties] button below, and finally pop up the "TCP/IP Filter" window. Add the "Allow only" radio box in the window. “TCP”, UDP”, IP” and other ports allowed by the network protocol, without providing various services, can block all ports. This is the best form of security.

3: Disabling Terminal Services Remote Control

<; Terminal Services" is a service form left over by Windows XP on Windows 2000 (Windows 2000 uses this service for remote server hosting). Users can use the terminal to achieve remote control. “Terminal Services” and “Remote Assistance” are different. Although they all implement remote control, Terminal Services pays more attention to the user's login management rights. Each connection requires a specific login of the current system. ID, and isolated from each other, "Terminal Services" is independent of the invitation of the current computer user, and can log in to the remote computer independently and freely.

Under Windows XP, "Terminal Services" is opened by default (Windows 2000 system needs to install the corresponding components before you can open and use Terminal Services). That is, if anyone knows on your computer A user login ID, and know the IP of the computer, it can completely control your computer.

In the Windows XP system, close the "Terminal Services" method as follows: Right-click "My Computer", "Attributes", select "Remote", remove “ Allow users Remotely connect to this computer ” in front of “√”