Defense against hacker Web Attacks

According to statistics from security experts, 80% of computer viruses are caused by users' browsing of Web traps. Therefore, webpage attacks have become one of the main means of hacker intrusion. Once the attack is successful, the user's computer may experience slow system operation, forced access to a website, the default browser homepage is changed, and the browser title is changed. If you want to browse the Web page safely in the future, please follow the author to embark on a tour of browser security protection!

I. browser Security Vulnerability Detection

Because Web traps are attacks against browser security vulnerabilities, the most widely used browser is Internet Explorer, and the vulnerabilities in this browser are also versatile, even if cainiao can easily win. Of course, you may not know the security vulnerabilities in your browser. You can go to the ScanIT website to check your browser (Http://bcheck.scanit.be/bcheck/index.php).

Open the ScanIT website page, which first displays the current version of your browser and the operating system version (figure 1 ). After learning about everything, there are three options below. The first one is Only test for bugs specific to my type of brific (Only test the browser Bug), which can Only detect 19 items. If you want to perform full inspection on the browser, select the second Run all available tests (to detect all items in all browsers), which contains 34 items. If you want to customize the detection item, you can select the third item Choose individual tests (custom detection, which can detect 16 items). We can Choose based on our own needs.

498) this. style. width = 498; "border = 0>

Figure 1

Here, I select the second item "Run all available tests (Check all items in all browsers)" and click "start the test, in this case, the browser is started to perform a "full body check. During the check process, it will pop up continuously and display the check progress and related information (figure 2 ). After the detection is completed, a Security Report of the browser is displayed. If a vulnerability exists, a detailed report is displayed.

498) this. style. width = 498; "border = 0>

Figure 2

The detected Vulnerabilities are classified into three types: High risk Vulnerabilities (High-Risk Vulnerabilities) and Medium risk Vulnerabilities (intermediate-level dangerous Vulnerabilities) and Low Risk Vulnerabilities (Low-level dangerous Vulnerabilities). If your browser has Vulnerabilities, they will not only be displayed in these three categories, but the number of existing Vulnerabilities will also be displayed. Related information will be prompted for the vulnerability, and patches will be provided for the corresponding vulnerability. Even new computers, as long as they follow the information on the page, you can fix vulnerabilities by performing step-by-step operations.

2. More sophisticated browser Health Check

If you think the browser detection is not detailed enough, you can log onWww.pcflank.comIt is a security site in Russia that can detect items such as browsers, ports, Trojans, and information leaks.

OpenWww.pcflank.comOn the left side of the website, seven security detection methods are provided: PC Flank leaktest (which can test whether your firewall can prevent information leakage) and Stealth test (Stealth detection) quick test, Browser test, Trojans Test, Advanced Port detection, and Exploits Test) (Figure 3 ).

498) this. style. width = 498; "border = 0>

Figure 3

To ensure security, click the "Quick test" tab to perform a comprehensive inspection on your computer. Of course, if you want to check the Browser, you can click the "Browser test" label, and then you can start to check the Browser. You can use other functions as needed.

3. Set up a browser to prevent Web Attacks

As we all know, webpage Trojans are mainly exploited to execute malicious code and virus programs in browser script files. Knowing how this attack works makes it easy to prevent web horse intrusion. We only need to disable browser ActiveX controls and plug-in scripts, even if we do not intend to step on the trap website in the future, the Network horse that its ambush can only "Stop and never intrude.

Open IE, click "Tools> Internet Options> Security", and click "Custom Level" in the displayed "security" tab, the "Security Settings" dialog box is displayed (figure 4 ). Disable all options in Activex controls and scripts, and click OK to make them take effect. Some websites that already know the traps can be blocked. For example, click "Internet Options"> "content" in turn, and in the "content" tab's grading review column, click the "enable" button to enter the website address you want to shield into the "site license" text, click the "never" button, you can avoid yourself entering the known malicious site in the future.

498) this. style. width = 498; "border = 0>

Figure 4

To prevent malicious web code from bypassing IE and obtain system control permissions, open the Registry Editor dialog box and expand the components to "HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet assumeractivex Compatibility, create a new CLSID-based key value {6E449683_c509_11CF_Aafa_00AA00 B6015C}, and create a Compatibility, Reg_Dword type, and the key value is 0x00000400, this prevents malicious users from downloading and executing Activex controls.