Remember that port 3389 cannot be enabled easily

There are a lot of MM users who have been chatting with me on QQ on weekdays, but recently I found that there was a MM and my video always suddenly disconnected, which swept me! It's hard to get her to connect to the video, but it's a temporary disappearance. How can this problem be unbearable? It seems that I really want to ask her why she is always doing this!

"Why are you always shutting down QQ suddenly !" MM reluctantly replied: "recently, my computer will be automatically canceled and I will log on to the system again ". At this time, I suddenly felt that MM's computer should be regarded as a zombie by others! I know something about computer security, maybe it can help MM, at least show her skills in front of her!

The problem is not too late. Please hurry and ask MM some questions. "Are you sure you have enabled port 3389 ?" "What is port 3389 ?" MM confused... Ah! Don't bother me. It seems she doesn't understand me either. "In this case, move the mouse to my computer, right-click → properties → remote, and check if a user is allowed to remotely connect to the computer ?" I think I should understand it.

"Let me see it first ." After a while, MM said it was hooked up. I asked her to remove it, and then click the application. OK. But MM said, this is the last time the netizen asked me to hook up. After the hook, he can help me get the computer. It seems that MM is really careless, so I want to remind her that if "allow the user to remotely connect to this computer" is selected for the purpose of use, you must remove the hook after completion. If yes, port 3389 is enabled.
　
TIPS: port 3389 is a terminal service. It can be understood as a port used to simulate my computer as your computer for remote control. Generally, port 3389 is disabled, but it must be enabled if you want to use operations such as QQ remote control.

MM is relatively weak in computer security protection. If a hacker intrude into the computer, he can perform any operations on the compromised computer, for example, formatting your hard disk, installing Trojans to steal your QQ number, game account, and installing the gray pigeon program for long-term intrusion (if the gray pigeon and other remote control software are installed, even if port 3389 is disabled), peek at your diary ...... In this way, your computer becomes a "zombie" that can be arbitrarily slaughtered. Therefore, we should remind MM that port 3389 cannot be opened easily.

I. Intruder channel-port 3389

First, they will use the port scanning tool and the 3389 port host (the "Remote Desktop Connection" that comes with Windows XP ). Here I will use the WINNTAuto Attack software (www.2cto.com/softsearch download)

Ii. Examples of intrusion

Generally, if the computer system of the other party is Windows XP, the intrusion success rate is relatively high. If it is Windows 2003, it is generally not feasible. No matter whether the recipient's system is Windows XP or Windows 2003, the system will use the default Administrator Account (that is, the Administrator) with a blank password to keep trying. Although many computers fail, however, if we look for this method, we can keep an hourly estimate to intrude 1 ~ Two computers.

I just introduced the simplest and most effective method for personal PC intrusion. To solve this problem, you only need to add a password to the Administrator account.
Support for MM

I found that MM's computer did not set a password for the Administrator account, so I asked her to add the password. In this case, we recommend that MM set a complicated password for this account. The specific method is (take Windows XP as an example): Go to the control panel → user account → click "Administrator" → create a password, so I don't need to talk about it anymore, follow the prompts on the screen. After the settings are complete, your computer will be much safer!

At last, I would like to remind the majority of MM users not to enable port 3389 at ordinary times, and add a complicated password to the Administrator account. This effectively prevents intruders from entering the system from port 3389.