Easy settings deny Windows 2003 leaks _windows2003

The Windows 2003 system has long been recognized as a better security operating system, so many people think their system security is "safe" after using the Windows 2003 operating system. But this is not the case, careful friends may find that the Windows 2003 system to provide people with strong stability, while the default settings also have a security risk! For this reason, it is necessary to make appropriate adjustments to the Windows 2003 default settings so that the system "rejects" external leaks.

As you know, by default the Windows 2003 system will store the password content you have entered in your own memory in a system-specific cache. In the future, when you want to call the password again, do not need to repeat the password, just enter the first few characters of the password, the remaining password content will be automatically filled with the system. Clearly, password records stored in a specific cache of Windows 2003 systems can pose a security threat to the system once exploited by hackers. To ensure that password information is not compromised, you can use the following steps to prevent the system from writing password information to the cache, thus cutting off the hacker's access to password information:

Click the start/Run command in the system desktop, and in the Run dialog box that pops up, enter the registry edit command "Regedit", and then click HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ in the Registry editing window. Windows\currentversion\policies Branch, check to see if the "Policies" branch contains the "Network" subkey, and if the "network" subkey is not found, you may want to select the "Policies" primary key and right-click the , execute the new/item command from the pop-up shortcut menu and name the item "Network".

Then select the "Network" item and right-click the blank position in the right area of the item, then execute the new command in the right-click menu, select the following DWORD command, and then set the new DWORD value name to "DisablePasswordCaching" , set its numeric value to "0x00000001", and finally click OK to exit the registry editing interface, and then reboot the system after you finish the above settings to make the above settings effective.

Color can leak, will it be wrong? I believe many people will make such a puzzle! Yes, if you're using the same computer as someone else, then you're using the Windows 2003 built-in Internet Explorer, and the hyperlink color changes in your Web page will let others know that you're on the Internet. Because many of the hyperlinks in the Web page before and after the visit are different, others once opened the page you have just visited, you can clear your Internet "whereabouts." Therefore, it is also necessary for you to make the appropriate settings for the IE browser in Windows 2003 so that the color of the hyperlink "rejects" the external disclosure:

Run IE programs, followed by "Tools"/"Internet Options" in the browsing interface, click the General tab in the Options Settings window, and then click the Accessibility button in the corresponding tab page to select the "Do not use the colors specified in the Web page" in the Figure 2 settings screen that pops up.

Then click the Color button on the Internet General tab page, in the Settings window that appears, select the Use Windows Colors option, and in the link settings item, set the link colors that you have visited and the links you have not visited to the same color, and then click OK. To end the entire color setting; In this case, the hyperlink color in IE will not reveal the "traces" of your Internet connection.

The Simple file sharing feature provided by the Windows 2003 system makes it easy for users to "communicate" with each other, but the Simple File sharing feature also brings a number of security vulnerabilities that inadvertently reveal the system's privacy; When the system does not need to communicate with other users, you can use the following steps to temporarily block the Simple File sharing feature to ensure that the system does not leak out:

Double-click the My Computer icon in the Windows 2003 desktop, and in the My Computer window that pops up, in the menu bar, select Tools/Folder Options.

In the subsequent folder parameter settings interface, select the View option, and in the Settings page of the corresponding option, cancel the use Simple File sharing option in the Advanced Settings item, and then click the OK button to allow the system to "deny" sharing the leak.

The "reports" mentioned here are in fact the "Send Error Reporting" feature in Windows 2003 systems; When a Windows 2003 system error occurs, you often see the Error Reporting window shown in Figure 3, and if you click the Send Error Report button in that window, Some of the privacy information in the system will also be submitted to the Microsoft Company. While the "reporting" feature helps Microsoft to collect the OS's flaws, but for many ordinary computer users, the "report" function will only disclose the system privacy, will not bring any benefits to themselves; In order to facilitate the operation and the security of the system, I suggest you block Windows 2003 System " Send error reporting feature; When you mask the feature, you can do the following:

First, in the Windows 2003 System Control Panel window, double-click the System icon to go to the System Properties window, select the Advanced tab in the window, click the Error Report button in the tab page, and then in the Error reporting settings interface that appears, select Disable error reporting, preferably "But notify me when a critical error occurs" check, so that when the system encounters an error later, you can still see the prompt interface with the error, except that the interface does not require you to submit an error message. When you are done with the above settings, you can make the settings effective by clicking the OK button.

Additionally, you can disable the "Send Error Reporting" feature in Windows 2003 systems by stopping the service; When using this method, you can first open the System Run dialog and then execute the "msconfig" System utility configuration command, then select the "Services" tab, And in a pop-up Figure 4 tab page, cancel the "Error Reporting service" in the list of services selected, and finally restart the computer system can make the settings effective.

The "web leaks" mentioned here, mainly refers to a malicious Web page, the local system's hard disk may be set up by the Web page to share, so that users on the Internet can see the local system of privacy information, which poses a fatal threat to system security. To ensure that the local hard drive is not illegally shared, you must do the following to cut off the "channel" for the malicious Web page to illegally share the local hard drive: Click Start/Run, then execute the registry Edit command in the pop-up Run dialog box, and in the editing window that appears, position the mouse over the HKEY_ local_machine\software\microsoft\windows\currentversion\

Network\lanman Branch, check if the "Lanman" key contains the "rwc$" option, if found, it means that your local hard drive has been set up to illegally share, at this time you can select the "rwc$" key and Delete, This will enable the malicious Web page to create a private illegal share to delete;

To prevent future local hard drives from being illegally shared by malicious Web pages, you can open the My Computer window, locate the system directory under the Windows installation path, and right-click the "Vserver.vxd" in the directory window. File (this file is the file and the printer to share the virtual device driver file), from the pop-up shortcut menu to perform the "delete" command, remove it from the system;

Next, open the Registry Editing window, expand the registry branch hkey_local_machine\ System\currentcontrolset\services\vxd with the mouse, as shown in Figure 5, and then "vSERVER" under the "VxD" PRIMARY key option is selected, and the edit/Delete command in the menu bar is executed so that the vSERVER option is removed, and the computer system is restarted, so that any Web page from the Internet cannot be set as a hidden share in the future.

The log function in the Windows 2003 system preserves the overall performance of the system as well as the hardware and software error messages, while also recording the operation information and security information of all users accessing the system, and by viewing the analysis log file, the system administrator can effectively find the "suspicious molecule" that attempts to destroy the system. However, the system log files can be accessed by the Guest account or anonymous account by default, so that an attacker may run into the system with a guest or anonymous account, peek at the system log files, and even remove their attack "traces" from the log file. In this way, the system administrator will not be able to log files in time to know whether the system has suffered "intrusion", so in order to "deny" the log file external disclosure, you can "block" guest or anonymous account access log files:

Open the system registry editing interface and position the mouse over the Hkey_local_machine\system\current-controlset\services\eventlog\ application registry branch. Then right-click the blank position in the corresponding right child window and execute the new/double-byte Value command on the shortcut menu;

Then set the new double byte value name to "Restrictguestaccess", set its value to "1", click "OK" button, and refresh the registry, you Can "block" guest or anonymous account to access the application log file;
Next, position the mouse over the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog

\system the registry branch, and then create a new two-byte value named "Restrictguestacc-ess" under the branch, and set its value to "1", as shown in Figure 6, to "block" guest or anonymous accounts from accessing the system log files;

In the same way, you can position the mouse over the hkey_local_machine\system\currentcontr-olset\services\eventlog\

Security Registry Branch, and under the branch, create a double-byte value named "Restrictguestaccess" and set its value to "1" to "block" guest or anonymous account access to secure log files.

Because any Windows 2003 system has already created the guest, Administrator account number by default, creating the default accounts is intended to make it easier for users to log on, but many hackers often use these default accounts to attack the system. Causes system privacy information to inadvertently be leaked; for this reason, you can deactivate these default accounts to cut off the hacker's access to the system by using the default account, thus ensuring the security of the system:

First select the Control Panel option in the Start menu, next, click Administrative Tools, Computer Management commands in the subordinate menu, expand the Local Users and Groups branch in the interface that appears, and then select the user icon below, and in the right child window for the user option, double-click the Guest account. You will then find that the account has been deactivated by default, and if not stopped, you must deactivate it in the Guest Account properties settings box.

Then double-click the Administrator option in the Account list and select the "General" tab in the pop-up window, and then in the label page shown in Figure 7, check the "Account Disabled" option. Of course, to ensure that you can log on to the system as an administrator in the future, you'd better create a new account and add the new account to the Administrator group before disabling the administrator account.

As you know, by setting the security level of the IE6.0 program, you can control the malicious Web page attack system, but the security level in the default state is unable to control Internet users access to the local hard drive, so that hackers may "peek" through IE to the local hard disk privacy information. To ensure that local hard drive information is not accessed by Internet users, you can use the following steps to get the security level of IE programs and to control My computer:

Open Registry Editor and click HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet in its editing interface

Settings\Zones\0 Branch, in the right child window corresponding to the "0" primary key, create a binary value named "Flags", set its value to "1", and then click "OK" to exit the registry editing interface when the setting is complete;

Then close the open IE window, and then restart the IE program, and clicking Tools/Internet Options in the menu bar, and selecting the Security tab, you will find that the "My Computer" icon is already on the Security tab page, which means that the security level of IE can also control access to the local hard drive. ；

Next you can select the "My Computer" option in the Figure 8 interface, then click the Custom Level button in the interface, set the Run ActiveX controls and plugins to Disabled in the settings interface that is opened, and also set the Download ActiveX controls option to disabled. This way, Internet users will not be able to "peek" into the information on the local hard drive via IE.

By default, Windows 2003 system opens a number of services, however, many of these services are "deaf ears-furnishings", and even some of the services can also be a potential threat to the system security, so you'd better have some of the services not commonly used to shield, so that hackers or attackers to use these "idle" services To steal the privacy of the system: Click the Start/Control Panel/admin Tools/Services command in the system desktop, and in the Pop-up Service List window, you will see clearly the status of each service and the explanatory notes. In this list, you can stop all services that are temporarily unavailable to the system, such as Remote Registry service, Telnet service, Error Reporting service, NetMeeting remote Desktop Sharing service and so on;

When you deactivate a specific service, you can first double-click the target service in the list of services, for example, the Telnet service, in the Service Properties Settings window shown in Figure 9, selects the manual option in the Startup Type Drop-down list, and then clicks the Stop button, which temporarily disables the target service.

Perhaps you often see oneself obviously did not carry on any operation, but the computer's hard drive signal is flashing continuously, this is why? The original Windows 2003 system of many operations, are in the system "backstage" silently; therefore, when you do not perform any operation, the hard drive signal is still flashing, most of the Windows system in the "behind-the-scenes" secretly Exchange files! Some of the privacy information generated by a file exchange may be easily captured by a hacker through a professional tool, and for this reason, you should automatically remove the privacy information generated when exchanging files in a timely manner by following these steps:

Open the system registry editing interface and position the mouse over the Hkey_local_machine\system\currentcontr-olset\control\sessionmanager \memory Management registry branch. In the right area of the corresponding "Memory management" branch, locate the ClearPageFileAtShutdown key value and, if not found, recreate a double byte value and set its name to " ClearPageFileAtShutdown "(as shown in Figure 10), set its value to" 1 ", and finally click the" OK "button, so that the privacy information generated when the file is exchanged is automatically erased before the system shuts down.