A common command to check whether a computer is hung on a horse
Source: Internet
Author: User
Some basic commands can often play a big role in protecting network security, and the following commands are very important.
First, detect network connection
If you suspect that a Trojan is installed on your computer, or if you have a virus, but you don't have a perfect tool in your hand to detect if anything like this happens, you can use Windows's own network commands to see who is connecting to your computer.
The
specific command format is: Netstat-an This command to see all the IP connected to the local computer, which contains four parts--proto (connection mode), local address (the connection), foreign addresses ( And the address of the locally established connection), State (current port status). With the details of this command, we can fully monitor the connection on the computer to achieve the purpose of controlling the computer.
Two, disable unknown service
Many friends will find the computer slows down after the system restarts one day, no matter how the optimization is slow, with anti-virus software also check no problem, this time is likely to be someone through the invasion of your computer to open a special service for you, such as IIS information Services, so that your anti-virus software is not to be found out. But don't worry, you can use "net start" to see what service is open in the system, if found not to open their own services, we can be targeted to disable this service.
The
method is to directly enter "net start" to view the service, and then use "net stop server" to prohibit the service. (www.3lian.com)
three, easy check account
for a long time, a malicious attacker would like to use the Clone account method to control your computer. The method they use is to activate the default account in a system, but the account is not commonly used, and then use the tool to elevate the account to administrator permissions, on the face of this account is still the same as the original, but the cloned account is the system's biggest security risk. A malicious attacker could arbitrarily control your computer through this account.
in order to avoid this situation, the account can be detected in a very simple way.
First, at the command line, enter net user, see what users on the computer, and then use the "net user+ user name" To see what permissions the user is, generally except the administrator is Administrators group, the other is not! If you find that a system-built user belongs to the Administrators group, it's almost certain that you've been hacked and someone else has cloned the account on your computer. Quickly use "NET user username/del" to delete this user!
the client in the networked state. For clients that do not have a network, they will receive updates at the first time after they are networked to update the virus signature library to the latest version. Not only saves the user to manually update the cumbersome process, but also makes the user's computer at all times under the best protection environment.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.