Cyber security trilogy to deny hackers internet surfing

Source: Internet
Author: User
Basic Setup Chapter

Four Misconceptions about online security

The internet is actually a accumulate world, and you can easily connect to your favorite sites, and others, such as hackers, are easily connected to your machine. In fact, many machines have inadvertently left a "backdoor" in their machines and systems because of their bad online security settings, which is equivalent to opening the door to hackers. The more time you spend online, the more likely you are to be hacked into a machine by someone else. If hackers find security vulnerabilities in your settings, they will attack you, possibly in general, such as lowering your speed or crashing your machine, or more seriously, such as opening your confidential files, stealing passwords, and credit card passwords. But a lot of people don't disagree, because they're Network SecurityThere are still four misunderstandings:

Myth One: I'm not connected to other networks, so I'm safe. Yes, the Internet is connected to the Internet, but a stand-alone machine that can surf the internet, compared to a machine in a commercial network center, still has some or all of the same network protocols, and a Business Network center machine may have a public firewall or a dedicated security officer. In contrast to this, some of the personal machines used in homes, offices and small companies are really open portals, without the ability to prevent hackers. The threat is realistic: if you use a cable modem or DSL connection and have a long online time, maybe 2-4 sneaky hackers will try to attack you in a day.

Myth Two: I am using dial-up Internet, so my machine is safe. Every time you start to dial the Internet, you use the IP address will be different, that is, dynamic IP, so compared to static IP users. Hackers are hard to find you, but there are some hackers SoftwareHas grown to the ability to scan tens of thousands of IP addresses in 1 hours, so as long as hackers use these tools, even dial-up users can be attacked.

Myth Three: I use anti-virus software, so I am safe. A good virus software is really an integral part of online security, but it is also a small part. It protects you by detecting viruses and similar problems, but they are powerless against hackers and malicious "legitimate" programs.

Myth Four: I used a firewall, so I was safe. Firewalls are a very useful place, but if your machine is always receiving and sending data in ways that are not safe enough, and you're relying on some additional programs to provide security, it's equivalent to putting all your eggs in one basket, and once the firewall software bugs or leaks, you're in danger. In addition, firewalls have no defenses against viruses such as software, especially those that send or extract data maliciously and silently to your machine. Finally, some firewall software may also be counterproductive, as their vendors introduce the features of the product in their ads, potentially causing attacks that are specific to their vulnerabilities.

But the solution is there, you can use the tools you already have, and this article will tell you how to set the security and how to choose the security software.

Two, one minute of network basics

When you see this, you may want to sweep it or skip it, but it only takes a minute, and it helps you understand the content below. Simply put, you can divide your connection with the network into three layers. The deepest layer is the physical connection between you and the network, including hardware. For example, dial-up access to the Internet, to use the "Dial-Up Adapter" to "talk" with your modem; if it is a LAN, you need the network card and driver, so that your PC and network card Exchange data, and DSL, cable, etc. also need the network card. A PC can use multiple hardware adapters at the same time, for example, it can be used to cable modem Internet, also connect dial-up modem, also in the LAN, so that the system's network settings, there are two network adapters and a dial-up adapter.

The middle layer connects the communication protocols and languages that your machine uses to communicate with other network machines, such as the TCP/IP protocol, and NetBEUI and ipx/spx, which can work in parallel, and a protocol can be bundled onto multiple hardware devices. A hardware device can also bundle multiple protocols at the same time. The top-most connections are network devices, login, file and print sharing, and the top-level client program to accomplish the tasks you need to accomplish on the web, but unfortunately, it's two-way, and it allows hackers to perform their actions on you. So the trick to ensuring security is to make sure that there are no dangerous settings and devices, such as "File and Print sharing" If you don't need to access it from the Internet, which is where hackers often use them. In other words, carefully set what to bundle, and make sure that your machine is not easily accessible, despite some devices and protocols that are inherently less secure.

Third, how to ensure the security of the connection

Before you make changes to your system settings as I suggested below, it's a good idea to back up the key data in your system, or write down your original settings so that you can recover when you need them. If you are on a LAN or have special network requirements, please consult with the administrator first. Let's check your network settings first: Right-click "Network Neighborhood" and choose "Properties", now we're going to remove some of the Internet protocols that are easy to get someone to connect to you over the Internet: TCP/IP.

If you are not using dial-up, you can skip to the next paragraph. Double-click Dial-Up Adapter, bind, remove everything except TCP/IP, return to the main screen, double-click TCP/IP-> dial-up adapter, and you may see a warning that if the modification will be dangerous, it will be dangerous if it is not modified. Click Bind, and if you chose Microsoft Network users and file and print sharing to select them so that only TCP/IP is left, you will receive a warning that TCO/IP has not been bound to any drivers, and answer No. If you use a NIC, click TCP/IP for each card, for example, I use a cheap Realtek network card, click TCP/IP-> Realtek RT8029 (AS) PCI Ethernet NIC., click Bind to confirm that there is no selection. Micrcosoft network users and file and print sharing. But if you are on a local area network and want to share files and printers locally, there are ways to add a non-Internet Protocol ipx/spx or NetBEUI. Add the appropriate "Micrcosoft network users" and choose "File and Print sharing" to share files and print!

Now go back. Check each adapter and protocol in the system to make sure that Micrcosoft network users and file and print sharing are selected only in Ipx/spx and/or NetBEUI. Also, verify that the two items are not selected in TCP/IP. Then repeat this check process for all machines in the LAN. In this way, your machine uses only TCP/IP on the Internet, and a non-Internet protocol is used on the local area network to share printers and files. Because hackers must use TCP/IP, they need to spend more time accessing shared printers and files. It should be noted that any changes you have to the network settings may reset the bindings and other settings. Even if you don't have access to content, and when you or your installed software modifies the network settings, perform the steps described above to check TCP/IP connections to ensure that it remains "clean" and not " Micrcosoft network user "and file and Print sharing" bindings. AOL is one of the most disgusting: it adds its own (usually unnecessary) adapters to your network settings and may incorrectly modify your binding settings, and some users report that their "File and print sharing" is bound to TCP/IP when they install AOL. This means that you can provide printers and files to anyone who wants to connect, and the tips in the above are also useful for avoiding AOL.

There are a lot of things you can do to improve your network security, which we'll discuss below, but the settings above will eliminate the most common and prominent network security problems of Windows PCs, plugging you into the most obvious vulnerabilities and giving you a more secure online operating base. Once you have learned the above method, only a few minutes to check, basically do not need other assistive software, the advantage of this is not to spend money yo!
Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.