\t1. Routine security protection The so-called "regular security protection" is the same as the Windows 98 installation of anti-virus software, upgrade system, prohibit Ping three security methods. It should be emphasized that Windows XP and its predecessor, Windows 2000, have numerous loopholes. The upgrade of the system cannot be as sloppy as Windows 98. In addition to installing Microsoft's vulnerability patch for Shockwave, it is recommended to upgrade Windows XP to the latest one. Service Pack 1 (improved resources will be increased after the upgrade, but the security and stability are improved). 2. Disabling Remote Assistance and Blocking Idle Ports On Windows XP, there is a feature called Remote Assistance that allows users to send remote assistance invitations to friends on MSN when they are having trouble with their computer to help them solve the problem. This "remote assistance" function is the representation of the RPC (Remote Procedure Call) service that the "Blast Wave" virus is attacking on Windows XP. Users are advised not to use this feature, and should also install the RPC vulnerability tool and the "shock wave" immunization program provided by Microsoft before use. The method of disabling "Remote Assistance" is to open the System Properties dialog box (right "My Computer", "Properties"), and remove the "√" in front of "Allow Remote Assistance Invitation from this Computer" in the "Remote" item. . The port can be restricted using the "TCP/IP Filtering Service" that comes with the system. The method is as follows: Right click on "Network Connection", select "Properties", open the "Network Connection Properties" dialog box, select "Internet Protocol (TCP/IP)" in the "General" item and click below [Properties] button, in the "Internet Protocol (TCP/IP) Properties" window, click the [Advanced] button below, in the "Advanced TCP/IP Settings" window that pops up, select the "Options" item, then click below The [Properties] button, and finally the "TCP/IP Filtering" window pops up, through the "Allow Only" radio button in the window, add the ports allowed by the network protocols such as "TCP", "UDP", "IP", etc. 3) If you do not provide various services, you can block all ports. This is the best form of security. 3. Disabling Terminal Services Remote Control "Terminal Services" is a form of service left over by Windows XP on Windows 2000 systems (Windows 2000 uses this service for remote server hosting). Users can use the terminal to achieve remote control. "Terminal Services" and "Remote Assistance" are different. Although they all implement remote control, Terminal Services pays more attention to the user's login management rights. Each connection requires a specific login ID of the current system, and each other. Isolation, "Terminal Services" is independent of the invitation of the current computer user, can independently and freely log in to the remote computer. Under Windows XP, "Terminal Services" is opened by default (Windows 2000 system needs to install the corresponding components to open and use Terminal Services). That is, if someone knows a user login ID on your computer, And know the IP of the computer, it can completely control your computer. To turn off Terminal Services in Windows XP, follow these steps: Right-click on "My Computer", "Properties", select "Remote" item, and remove the "√" in front of "Allow users to connect to this computer remotely". . 4. Turning off the Messenger service The Messenger service is a communications component that Microsoft integrates into Windows XP. It is also turned on by default. When using it to send information, as long as you know the IP of the other party, and then enter the text, the corresponding text message window will pop up on the other party's desktop, and will be accepted if the Messenger service is not closed. Many users don't know how to turn it off, but they are harassed by information. In fact, the method is very simple, enter the "Control Panel", select "Administrative Tools", start the "Services" item inside, then right click on the Messenger item, select "Stop" (Figure 4). 5. Prevent IPC default sharing Windows XP allows all users to get all account and share lists of the system through the empty user connection (IPC$) after the default installation. This is to facilitate LAN users to share resources and files, but any remote user can use it. This empty connection gets a list of your users. Hackers use this feature to find a list of users on the system and use some dictionary tools to attack the system. This is the more popular IPC attack on the Internet. To prevent IPC attacks, you should start from the default configuration of the system. You can make up the vulnerability by modifying the registry: Step 1: Set the RestrictAnonymous item of HKEY_LOCAL _MacHINE\\SYSTEM\\CurrentControlSet\\Control\\LSA to "1" to disable empty users. connection. Step 2: Open the HKEY_LOCAL_MacHINE\\SYSTEM\\CurrentControlSet \\Services\\ LanmanServer\\Parameters entry in the registry. For the server, add the key value "AutoShareServer", type "REG_DWord", and the value is "0". For the client, add the key value "AutoShareWks" with the type "REG_DWord" and the value is "0". 6. Rational management of the Administrator Windows 2000/XP system, after the system is installed, an Administrator user will be created by default, which has the highest administrative authority of the computer. Some users did not set a password for the Administrator user at the time of installation. Hackers use this to log in to the other computer using an advanced user. Therefore, individual users should properly keep the “Administrator” user information. When Windows 2000 logs in, it is required to enter the login password of the Administrator user. After Windows XP is started normally, the Administrator user cannot be seen. It is recommended that users using Windows XP enter the security. Mode, then add a password for the Administrator user in the "User Account" item of the "Control Panel", or delete it to avoid leaving hidden dangers. For the security protection of personal operating system, the author introduces Windows 98 and Windows XP. As for Windows 2000, because it has Professional and Server versions, the two versions of Windows 2000 are similar to Windows XP and Windows 2003. Separately introduced, the following is the Windows 2003 and Linux systems for the server.