Eight security methods for home surfing

First, often modify the password


because many hackers use exhaustive methods to crack passwords, such as John's password cracking program can be downloaded free from the Internet, as long as a large enough dictionary on fast enough to run night and night, you can get the required account number and password, therefore, Often changing passwords to deal with this kind of embezzlement seems to be very effective. As so many potential hackers try to get someone else's password, then dial-up users should strengthen the prevention, the following four principles can improve the ability to crack the password.


1. Do not choose commonly-made passwords.


2. Mix words and symbols to form a password.


3. Use more than 9 characters to make the password, make your password as long as possible, for Windows system, the minimum password to be composed of 9 characters to be safe.


4. The composition of the cipher is best mixed with uppercase and lowercase letters, in general, the password is only composed of English letters, the password can use 26 or 52 letters. If a 8-letter password is cracked, the number of letters in the password will be 256 times times the difference.


Second, please other people should immediately modify the password after installation


This is a very easy to ignore the details, many users do not know how to dial the Internet for the first time, ask someone else to teach, so often the user name and password to tell the person, this person remember to go back to steal services. Therefore, the user should better learn how to dial after the Internet account, or to the ISP first to ask how to modify their password, in other people teach themselves how to dial, immediately change the password to avoid being embezzled.


third, use the "terminal window after dialing" feature


Select a connection, click the right mouse button, select "Properties/General/Configuration/Options/dial-up terminal Window", and then dial, do not fill in the Dial-up interface username and password (not to select the "Save Password" item), in the end of the Dial-up window after the corresponding input, This avoids the user name and password being logged to the password file on the hard disk, while also avoiding the capture of user names and passwords by some hacker programs.


iv. Delete. pwl file


There are often password files with the suffix ". PWL" in the Windows directory, and ". PWL" is the transliteration abbreviation for password. For example, there is a security vulnerability in the original Windows 95 operating system where passwords are saved, allowing hackers to easily retrieve passwords stored in PWL files using the appropriate program. This vulnerability has been fixed in Windows 97. Therefore, you need to install the Windows 97 version of the operating system for your PC. PWL files also often record passwords for other places, such as opening Exchange e-mail passwords, playing Mud game passwords, and so on, frequently deleting these pwl files to avoid leaving passwords on your hard disk.


Five, prohibit the installation of keystroke logger


Many people know doskey.exe this program, this commonly used external command in DOS can speed up the input command by restoring the previously entered command, and there are many similar programs, such as Keylog, that record the user's keystroke action and even record it to the screen as a snapshot. Everything that was going on. There are programs that can record keystroke letters to a specific file in the root directory, which can be viewed in a text editor. This is how the password was leaked out, the thief just look at the root directory can be, there is no need for any professional knowledge


VI, dealing with Trojan horse

The
Trojan Horse program is often defined as a program that actually performs another task when performing a task, and it is never too much to describe such a program with words such as "deception" or "Wolf in sheep's clothing". A typical example is: Forge a login interface, when users enter user name and password in this interface, the program will transfer them to a hidden file, and then prompted the error to ask the user to re-enter again, the program then call the real login interface to allow users to log in, The user is then given a file with a user name and password that is almost imperceptible. There are many so-called Trojan horses on the internet, such as the famous Bo, backdoor, NetBus and the domestic netspy, etc. Strictly speaking, they belong to client/server (c/s) programs because they tend to have a server program that resides on the user's machine, and a client program for accessing the user's machine, just as the NT Server and the workstation relationship.


in dealing with Trojans, there are several ways to do this


1. Read more readme.txt. Many people download Trojan packages for research purposes and execute them hastily before they can figure out the specific functionality of several programs in the package, often incorrectly executing server-side programs and making the user's computer the victim of a Trojan horse. Software packages often included in the Readme.txt file will have the detailed function of the program introduction and use instructions, although it is generally in English, but it is necessary to read first, if you do not understand, it is best not to execute any program, discard the package is of course the most insurance. It is necessary to develop a good habit of reading Readme.txt before using any program.


It is worth mentioning that there are many program descriptions to make executable readme.exe form, Readme.exe often bundled with a virus or Trojan horse, or simply by virus program, Trojan Horse server-side program to get the name, The purpose is to let the user mistakenly think is the program documentation to execute it, is Morthen. So the readme.exe from the Internet is best not to execute it.


2. Use antivirus software. Now the domestic anti-virus software has introduced the removal of some Trojan horse functions, can be carried out on a regular basis offline inspection and removal. In addition, some anti-virus software also provides real-time network monitoring functions, this function can be in the hacker from the remote implementation of the user's machine files, provide alarm or let execution failure, so that hackers upload executable files to the user machine can not correctly execute, thereby avoiding further loss.


3. Hang up immediately. Although there are many reasons why the internet is slowing down suddenly, but there is reason to suspect that this is caused by a Trojan horse, when intruders use Trojan client programs to access your machine, and your normal access to grab broadband, especially when intruders download files from a remote user's hard disk, normal access becomes very slow. At this point, you can double click the connection icon in the lower-right corner of the taskbar and take a closer look at the "Sent bytes" item, and if the number changes to 1~3kbps (1~3 per second), you can almost confirm that someone is downloading your hard drive file, unless you are using the FTP feature. For users familiar with TCP/IP ports, you can type "netstat-a" under "MS-DOS" to observe all current communications processes connected to your machine, and when a specific IP is using an uncommon port (typically greater than 1024) to communicate with you, This end is probably the communication port of the Trojan horse. When you find this suspicious sign, all you have to do is hang up and check the hard drive for a Trojan horse.


4. Watch the catalogue. Regular users should often observe files located in the three directories of C:, C:windows, and C:windowssystem. Use Notepad to open the non-executable class files (except EXE, bat, COM files) under C: To see if a Trojan horse, keystroke log file is found, under c:windows or C:windowssystem if there is a light with an executable program with a filename without an icon, You should remove them and then use the antivirus software for careful cleanup.


Seven, try not to use shared hard disk features


uses remote dial-up access LAN features WINDOWS98 users to use hard disk sharing and file sharing features, sharing means allowing others to download files.  When a hand is holding under the hard disk or folder icon, it indicates that the sharing function is started, select the icon, select "Share" under the "File" menu, and then choose "Do not share", and the hand disappears. (material)


Eight, do not use the "MyDocuments" folder to store Word, Excel files


Word, Excel's default file store path is the "MyDocuments" folder under the root directory, and after the Trojan horse turns the user's hard disk into a shared hard disk, the intruder can see what the user is doing from the file name in the directory, which is almost the identity of the user, So for security reasons, you should change the work path to a different directory, and the level of the deeper the better, such as: C:ABCDEFGHIJKL. To be sure, on the Internet, there is no measure is absolutely safe, hacker intrusion is an important rule: the intruder not only a way to invade, which means that only plugging all the loopholes to prevent intrusion, it is obviously impossible. Ironically, many of the security measures themselves pose a new safety hazard, as if drugs often have side effects.