Build a windows 7 environment with no virus intrusion

Source: Internet
Author: User
Tags account security

When Microsoft began to launch the Windows7 program, the new operating system had long been controversial. After all, will the advent of Vista bring a better user experience? For users who have been paying attention to Windows operating systems for a long time, whether security can be improved is worth more attention. Although Apple said that "Windows 7 is just a few patches added to Vista", everyone has reason to trust Microsoft and believe that this new version of the change will never be so simple.
I. UAC Transformation

As a matter of fact, when Vista has the UAC function, the outside world is arguing. This method improves security while reducing the user experience. In Windows 7, Microsoft began to allow users to select the UAC notification level, and also improved the user interface to improve the user experience. In Windows 7, the biggest improvement of UAC is that more control options are provided in the control panel. You can select an appropriate UAC level as needed.

Enter "Secpol. msc, press enter, open the Local Security Policy Editor, select "Local Policy"> "Security Options", and find "User Account Control" in the list on the right: in administrator Approval Mode, the Administrator's promotion prompt behavior attribute is displayed. There are six options in the drop-down list of "Local Security Settings", which are: Do not prompt, directly promote; prompt creden on the secure desktop, prompt for consent on the secure desktop, prompt for creden。, and agree for non-Windows binary files. It is necessary to mention the "non-Windows binary file consent prompt". This option can filter out Windows system files and directly use the UAC function for applications. This is the highlight of Windows 7.

Another intuitive modification method is to go to the user account change interface of the control panel and click "Change User Account Control Settings ", the UAC settings in Windows 7 provide a slider that allows you to set the notification level. You can select four methods, but the preceding method is obviously not flexible.

2. behavior center

In Windows 7, the security center (SecurityCenter) initially launched with Windows XP SP2 is removed, and the behavior center is switched ). This includes the security center, problem, report and solution, WindowsDefender, WindowsUpdate, Diagnostics, network access protection, BackupandRestore, and Recovery ); and the UAC mentioned above.

After entering the behavior center, Windows7 supports quick scanning of local computers with WindowsDefender. We scanned the system disk in the Lenovo T61 notebook, which took only 33 seconds and scanned 34931 resources. Although it is difficult to define how high WindowsDefender guarantees the security of the system itself, but as a software with a high degree of integration with the system, such scanning speed is already very good.

In fact, the functions of WindowsDefender in the configuration center can make it more perfect. The real-time protection function can scan downloaded and running programs. You can also filter specific file types and paths, and scan emails and mobile storage.

In security settings, you can clearly view the activation status of various services in the current system. In the maintenance area, you can also view information such as problem detection reports or backups.

Iii. New firewall functions

Windows 7 firewall features both internal and external protection. It uses Homeorworknetworks and Publicnetworks to protect the Intranet and Internet.

The Advanced Settings Project is also more comprehensive. The inbound and outbound rules can clearly outline the current network flow, and the operations on the configuration file and the import of policies are greatly improved. We believe that Windows 7 firewall will be more useful in future updates and upgrades.

Iv. security deployment details and summary

Like XP and Vista, the security deployment of Windows 7 also needs to learn from the security processes of Windows. This almost universal method can provide a better guarantee for the security of Windows 7.

1. Account Problems

The vast majority of hackers intrude into the system. After obtaining the root permission, the system will be inaccessible. Account Security issues have become a top priority. As we all know, an Administrator-level account can have high permissions to control Windows. Therefore, it is necessary to give the Administrator a name that is not noticed. However, do not use Admin or other names because many hacker tools use the dictionary, the frequency of the Admin guess is no less than that of the Administrator.

In addition, the Guest account is stopped in user management and is not allowed to log on to the system at any time. Of course, this method is suitable for personal PCs. If multiple users often log on or have limited logon, it is best to set a general password for your account to prevent external network intrusion.

2. Sharing Problems

Enter "netshare" in CMD to view the shared resources. The sharing of IPC channels, documents, and printers is provided here. Of course, hard disk sharing may be included in the default system. The following table describes how to disable the service:

Netsharec $/delete (delete drive C sharing, similar to other drive letters)

Netsegment IPC $/delete (delete IPC share)

3. Port Problems

Some ports in the system are very dangerous. Hackers can use these ports to control our computers, such as port 3389. Before shutting down the ports, you need to know the ports opened in the computer, enter "netstat-an" in CMD and disable ports 135 and 139. In this way, it is best to use a dedicated firewall to monitor or shut down directly, which is more convenient and convenient than the system filter method.

Obviously, Windows 7 is just a few patches for Vista, But Windows is not impeccable. We can understand some complaints and doubts from the outside and competitors about Microsoft, but there is no doubt that Windows 7 does have a better performance in terms of security. The UAC vulnerability is just an event magnified by public opinions.

In the face of such a huge code camp, Windows 7 built by many computer experts is bound to have flaws, just like Windows, Windows XP, and Windows XP, windows 7 is destined to become a driver in the development history of the operating system.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.