e-mail and IE security skills are proficient in internet surfing
Source: Internet
Author: User
"Rian" meaning for all who have as a person, generally have a good idea, planning in the dark, and striking. In the security of e-mail, we can also use the "Rian" strategy, from the system, anti-virus, black and other aspects of e-mail to create a security line of defense ...
Analysis on the hidden danger of e-mail
E-mail is the most widely used communication tool in interpersonal communication in the network, and its security problem has aroused the attention of all aspects several years ago. Simply put, e-mail in the security aspects of the main issues are the following direct or indirect aspects:
Password is stolen
Trojans, violent guessing, software loopholes, sniffing, and many other ways are likely to let the password in the mailbox is unknowingly handed to the people.
The contents of the message were intercepted
The attachment contains a large number of viruses
It often uses the people to receive the mail to be eager, is susceptible to the mail subject attraction and so on psychology, dives into and destroys the computer and the network. The current mail virus is far more harmful than the traditional virus.
E-mail bomb attack
Flaws in the design itself
The following will address the various threats that e-mail may pose to us, from the security of the mailbox and the message, as well as the purpose of system security, to discuss some practical preventive measures.
Mail client software usage restrictions
Because mail client software (such as Foxmail) is the operating environment for sending and receiving mail, the use of the mail client software is limited and we can see it as the first line of defense. In Foxmail, for example, depending on the operating system, there are several limiting methods:
1. In the imperfect operating systems such as Windows 98, you can use Third-party security tools such as PC safety to limit the use of foxmail. After installing the software, just right-click on the Foxmail icon and select "PC Security" and "lock" in the pop-up shortcut menu to achieve the "lock" restriction of the use effect. When you need to use Foxmail, you must enter the appropriate unlock password before you can use Foxmail.
2. In the use of security-better systems such as Windows XP, you can use the encryption capabilities of the system itself in addition to third-party encryption tools such as PC protection. The prerequisite is that the Foxmail software should be installed in the NTFS partition, and then you can right-click the icon, select "Properties" in the pop-up menu, click to switch to the "Security" tab to set the interface, and, if necessary, set the user who has the right to use this program.
Security for Mailbox password
e-mail password is the most easily cracked one of the registered password, the harm of the large, wide range can not be ignored. Therefore, we should adopt the following measures to minimize the risk:
1. It is highly recommended to use "irregular password combination with sufficient length to replace the password in a fixed time".
2. Set the password question and answer to be complex. When you register your mailbox, you will need to set up a password question to use when restoring your password. But this will sometimes give hackers a chance to "guess"! For example, some users of the question is 123, the answer is 321. So a bit of experience hackers will first test such questions and answers, so that the mailbox can be easily cracked. So for this hint problem and password, or should have a meaning easy to remember and not easy to be guessed by the hacker problem password advisable.
Encryption of messages
Message encryption is a more effective, for the message content security precautions, and hotcrypt is such a message for the encryption of the software, is very suitable for beginners to use. Hotcrypt has adopted advanced encryption algorithm, can effectively protect the data security, it supports any mail program or other file editing window, through the hotkey can quickly encrypt, easy to use. Next, we'll detail how to encrypt a message under Foxmail:
Step one: After you run Hotcrypt and edit the content in the Foxmail Mail compose window, press the key combination "ctrl+e" to bring up the Hotcrypt encrypted window to encrypt the message
Step two: After entering a password in the text box under "Enter Password", click the "OK" button to return to the Mail editing window, you will find that the message body content has become encrypted ciphertext.
Tip: Hotcrypt can only encrypt content in the top-level current window. When the friend received this email, he also needs to run Hotcrypt, press the key combination "ctrl+d" to pull out the Password input window and enter the correct password before the normal reading to the content of the message.
The prevention of mail virus
As e-mail becomes an increasingly important means of daily interaction, the shadow of the virus begins to surround the email. Today, more than 70% of computer viruses are transmitted by email. So how can we intercept the mail virus more comprehensively? You can usually use the following measures:
1. Prohibit other programs from sending messages secretly
In order to prevent the mail virus automatically inquires the user's address book, and then to the user's name to the user's friends and relatives. With Outlook Express 6.0 as an example, we can set the following:
Click on "tools → options → security", click the checkbox in the Select Settings screen before "Warn me when other applications try to send email in my name", so that any quiet "underground mail activity" will be found and reported to the user immediately.
2. Start Outlook Express 6.0 self-antivirus option
Because most mail viruses are transmitted by loading mail attachments, you can use the method that prevents OE from opening attachments to prevent such viruses from being violated. The method is as follows: Run OE6.0, click "Tools", click "Options", click "Security", and click the check box in the "Do not allow to save or open the possible virus Attachment" tab in the Select Settings interface, so you can enable the OE self-protection mechanism feature.
3. Modify the Association
Some worms propagate through mail attachments in format such as. vbs, and to reduce the risk of such viruses, an easy way is to modify the associated properties of the file so that it does not run automatically when the script file is opened (for example, when a user double-clicks an attachment). Open Windows XP Control Panel, double-click Folder Options, select the File Types tab, and select the. vbs file type.
Then change the default action to Notepad (not the default for running in VBScript), click the Advanced button, select Edit in the Edit File Type dialog box, and specify the open program as Notepad in the edit this type of Action dialog box.
Tip: For. VBE,. WSF,. WSH,. js and. JSE These file types can also make the same changes, the method of modifying the file association attributes is not possible to isolate all risks.
After modifying the file's associated properties, when you click on a script file, it will not run as it used to, but will be opened with Notepad and in edit state. If you want to run the script, you must explicitly specify in the shortcut to the script that you want to open the script file with VBScript.exe.
4. Use antivirus software
Now the vast majority of anti-virus software provides the content of the virus detection of the function, such as rising anti-virus software can be very good to do this, it allows us to send and receive mail, automatically to the message of the virus detection, to prevent the system "poisoning."
The prevention of the mailbox bomb
Mail bombs are more cumbersome to guard against, and it is difficult to guarantee foolproof, but we can use the following methods to avoid the attack of mail bombs and do a good deal of treatment:
Do not disclose your email address at random
Hide your e-mail address
If the shy@public.sq.js.cn in the input into the shy.public.sq.js.cn, so that everyone knows this is actually a mailbox, but some e-mail automatic search software can not recognize such a "mailbox."
Use the automatic reply function carefully
The "Automatic reply" function is designed to be good, but it can also be used to make mail bombs! Imagine if both the receiver and the sender set the "Automatic reply" setting, and both sides did not read the letter in time, will be repeated "automatic reply" created a mailbox bomb.
Fix the patch.
In the software design, there are often some unexpected errors and loopholes, to bring security and stability of the program hidden dangers. Therefore, often keep the software update, is to ensure system security, one of the simplest and most direct way to the Outlook Express 6.0 download and install SP1 Simplified Chinese version as an example, the download URL for the patch: www.microsoft.com/downloads/ Details.aspx?familyid = 0cf81200-dd86-4636-8ae5-3f4af4e829d8&&displaylang =ZH-CN
Backup of messages
When it comes to the security of a message, you can't just talk about backup, but because of the way the mail is backed up, it's often possible to use a lot of methods, so this article is inconvenient to detail. But basically should be done to receive the message set a special directory, export "address Book" and other aspects of backup operations.
Defense Ie:ie Maintenance Skills 7 method
Home page settings are masked locked
Attack Features: The home page setting is disabled, and the address bar is dimmed and blocked.
Purge Method: Open Registry Editor, open in the following order: Hkey_local_usersofwaremicrosoftinternet Explorermain Branch, new "ControlPanel" PRIMARY key, and then under this primary key new key value named "Homepage" DWORD value, Value is "00000000", press F5 key Refresh is effective.
The default search engine is modified
Purge Method: Open Registry Editor, open in the following order: [hkey_local_machinesoftwaremicrosoftinternet Explorermain Branch, find "Searchpage" key value name, click on the right window Modify, you can enter its key value as: Ie.search.msn.com{sub _rfc1766}/srchasst/srchasst.htm, and then find the "Customizesearch" key value name, Modify its key value to: ie.scarch.msn.com//srchasst/srchasst.htm, press F5 key to refresh effective.
IE title bar is added illegal information
Attack characteristics: By modifying the registry, so that the IE title bar is forcibly added advertising information site, in IE top Blue title bar more than what "htttp://www.********.com" tail.
Purge Method: Open Registry Editor, open the Hkey_current_usersoftwaremicrosoftinternet Explorermain branch in the following order, and find the "window Title" key value name. Enter the key value for Microsoft Internet Explorer, and press F5 to refresh. Then open it in the following order: Hkey_local_machinesoftware microsoftinternet explorermain Branch, find "window Title" key value name, enter key value for Microsoft Internet Explorer, pressing F5 refresh takes effect.
Tip: If you are a user of Windows 2000/xp/server 2003, the above three examples can use System Group Policy to modify the "gpedit.msc" command in the "Run Bar" of "start" in the Group Policy Editor window, click to expand the User Configuration, " Windows settings, Internet Explorer maintenance, URL. Double-click the "Important URL" item in the right window and click the "Custom home page url" checkbox in the Pop-up dialog box to enter the desired URL in the text box that you want to activate.
Right-click menu is added illegal link
Attack feature: By modifying the registry, a link to an illegal site is added to the right mouse button pop-up menu.
Purge Method: Open Registry Editor, open in the following order: hkey _current_usersoftwarepoliciesmicrosoftinternet Explorer Menuext Branch, In the left window, all of the main illegal links are deleted, press F5 key refresh effective.
The right mouse button menu is disabled
Attack characteristics: By modifying the registry, the right mouse button pop-up menu function in IE browser is completely prohibited, in IE click right button no response.
Purge Method: Open Registry Editor, open in the following order: hkey _current_usersoftwarepoliciesmicrosoftinternet explorerrestrictions Branch, find " Nobrowsercontextmenu "Key value name, set its key value to" 00000000 ", press F5 key to refresh effective.
IE Favorites Wallet to forcibly add an address link to an illegal web site
Attack characteristics: By modifying the registry, forcibly add the link information of illegal website in IE favorites.
Clear method: Please manually clear, with the right mouse button to move to the illegal website information, right-click pop-up menu, select Delete.
IE toolbar is illegally added button
Attack feature: Add an illegal button icon to the toolbar.
Clear method: Click the icon directly, in the right mouse button pop-up menu, select "Delete" can be.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.