Closing hidden security gaps using Windows' own settings

Source: Internet
Author: User
Tags: command line, file system, file permissions

If you want to keep malicious people out of your computer, you must start with the security of your own system; this is the "kingly way" of defending against outside attackers.

First, System and disk format selection

1. Do not use the Ghost version of Windows XP

When choosing an operating system, it is best not to select the Ghost version of Windows XP. This version enables remote Terminal Services by default and also ships with a newly created account that has a weak password. Both are easily exploited by hackers, and the end result is a computer invaded by someone with ulterior motives. Of course, if a Ghost version installation disc is all you have, that is not a problem, but after installing the system click "Start" → "Run", enter the services.msc command in the "Run" dialog box and press Enter to open the "Services" list. Find the Terminal Services entry, change its startup type to Disabled, and click OK.

2. Use the NTFS format for the disk

The NTFS partition format was created with the Windows NT operating system and became a mainstream partition format along with Windows NT4. Its advantages are that it is extremely secure and stable and rarely produces file fragments in use. An NTFS partition also restricts user permissions very strictly: each user can only operate within the permissions granted by the system, and any attempt to exceed them is blocked. It also provides a fault-tolerant structured log that can record all user operations, which helps protect the system. The NTFS file system has other advantages as well. For example, on hard drives larger than 4GB, using NTFS partitions reduces disk fragmentation and greatly improves utilization of the hard disk. NTFS can support file sizes up to 64GB, much larger than the 4GB limit under FAT32, and it supports long filenames, and so on.

3. Collect evidence to catch hackers

Auditing logons is a security feature of the local policy, and it can be used to counter a hacker's illegal intrusion. Start with the local security policy: click "Start" → "Run", enter the "control admintools" command in the "Run" dialog box and press Enter. On the Administrative Tools page that appears, double-click the Local Security Policy entry to open the Local Security Settings dialog box. Expand the Local Policies option on the left and click Audit Policy. Then double-click "Audit logon events" on the right and, under "Audit these attempts", select both "Success" and "Failure". Configure "Audit account management", "Audit account logon events", and "Audit directory service access" in the same way. The system will then log information about remote intruders, so that we can "track down" and catch hackers. To find the records of illegal intruders, enter the eventvwr.msc command in the Run dialog box to open the Event Viewer.
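Once "Failure" auditing for logon events is on, the Security log can be summarised instead of read entry by entry in Event Viewer. The following is an added example, not part of the original article. It assumes PowerShell on Windows Vista or later, where a failed logon is recorded as event ID 4625 (Windows XP records failed logons under different IDs), and the function name Get-FailedLogonSummary is hypothetical.

```powershell
# Added example: summarise failed logons recorded by the audit policy.
# Read-only. Reading the Security log requires an elevated session.
function Get-FailedLogonSummary {
    param(
        [int]$Hours = 24,        # how far back to look
        [int]$MaxEvents = 5000   # cap on events read from the log
    )

    $filter = @{
        LogName   = 'Security'
        Id        = 4625                        # failed logon (Vista and later)
        StartTime = (Get-Date).AddHours(-$Hours)
    }
    # "No events found" is a normal outcome, so do not treat it as an error.
    $events = Get-WinEvent -FilterHashtable $filter -MaxEvents $MaxEvents `
                           -ErrorAction SilentlyContinue

    $rows = foreach ($e in $events) {
        # Pull the named fields out of the event's XML payload.
        $data = @{}
        foreach ($d in ([xml]$e.ToXml()).Event.EventData.Data) {
            $data[$d.Name] = $d.'#text'
        }
        [pscustomobject]@{
            Time      = $e.TimeCreated
            Account   = $data['TargetUserName']
            Source    = $data['IpAddress']      # '-' for local attempts
            LogonType = $data['LogonType']      # 3 = network, 10 = remote interactive
        }
    }

    # One line per (source, account) pair, busiest first.
    $rows | Group-Object Source, Account |
        Sort-Object Count -Descending |
        Select-Object Count, Name,
            @{ Name = 'LastSeen'; Expression = {
                ($_.Group | Sort-Object Time | Select-Object -Last 1).Time } }
}

Get-FailedLogonSummary -Hours 24 | Format-Table -AutoSize
```

A source address with many failures against several account names is the pattern worth following up in Event Viewer.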

Second, System permissions settings

1. Set permissions on the disk

If you want to set permissions on a disk, your system must be a Win2K operating system (Windows XP Home Edition is excluded), and all of its drives must be formatted as NTFS; both conditions are indispensable. Then right-click the drive you want to set, select the "Properties" option, add Administrator and SYSTEM and click OK, then select Everyone and remove it. Click "Advanced" and check "Reset all child object permissions and allow propagate inheritable permissions".

2. Permission settings for certain files

To set permissions on individual files, use the cacls command at the command line. Many people are unfamiliar with cacls; entering cacls /? at the cmd prompt displays the detailed usage of the command. Taking the file 123.txt as an example, enter cacls 123.txt /e /g administrator:f at the command line and press Enter to process the file. When the cursor moves to a new line, enter type 123.txt to test the result, and an "access denied" message will appear. In addition, moving the file to the root of the system disk can, to a certain extent, also prevent a Trojan from loading it.

3. Permissions settings for registry Startup items

To prevent a malicious program from modifying important settings in the registry's startup entries, set appropriate permissions on the startup key. Open the "Run" dialog box, enter the regedt32 command and press Enter. In the Registry Editor window that appears, expand the tree on the left to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, right-click the key and select the Permissions option. Then click Advanced, clear the checkbox "Inherit from parent the permission entries that can be applied to child objects, including those explicitly defined here (I)", click OK, and delete every user other than the administrator and the system account. When you are done, check "Inherit from parent the permission entries that can be applied to child objects, including those explicitly defined here (I)".
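To check the result of the steps above, the key's access control list can be read back and every entry that still allows writing by someone other than the administrators and the system account listed. This is an added example, not part of the original article. It assumes PowerShell is available (it is not installed by default on Windows XP), and the function name Get-RunKeyWriter is hypothetical.

```powershell
# Added example: report who can still modify the machine-wide Run key.
# Read-only; it changes no permissions.
$runKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'

# Accounts the article keeps on the key: SYSTEM and the Administrators group.
$trustedSids = @('S-1-5-18', 'S-1-5-32-544')

# Rights that allow adding or changing a startup entry, or re-permissioning the key.
$writeMask = [int]([System.Security.AccessControl.RegistryRights]`
    'SetValue, CreateSubKey, Delete, ChangePermissions, TakeOwnership')
# Generic bits that some entries carry instead of specific rights.
$genericAll   = 0x10000000
$genericWrite = 0x40000000

function Get-RunKeyWriter {
    param([string]$Path = $runKey)

    foreach ($ace in (Get-Acl -Path $Path).Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }

        $rights   = [int]$ace.RegistryRights
        $canWrite = (($rights -band $writeMask)    -ne 0) -or
                    (($rights -band $genericAll)   -ne 0) -or
                    (($rights -band $genericWrite) -ne 0)
        if (-not $canWrite) { continue }

        # Compare by SID so localized or renamed account names do not matter.
        try {
            $sid = $ace.IdentityReference.Translate(
                [System.Security.Principal.SecurityIdentifier]).Value
        } catch {
            $sid = $ace.IdentityReference.Value   # unresolvable; report as-is
        }
        if ($trustedSids -contains $sid) { continue }

        [pscustomobject]@{
            Identity  = $ace.IdentityReference.Value
            Sid       = $sid
            Rights    = $ace.RegistryRights
            Inherited = $ace.IsInherited
        }
    }
}

Get-RunKeyWriter | Format-Table -AutoSize
```

An empty result means only SYSTEM and Administrators can write to the key. On newer Windows versions, built-in principals such as CREATOR OWNER may also appear and need to be judged individually.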
