Personal PC Security Settings Data collection _ Security settings

Source: Internet
Author: User
Tags net send
Personal PC Security Settings = optimization + security
Optimization: Antivirus + firewall (prompt attack) + prevent malicious plug-ins (anti-plug-in software) + Prevent some social engineering + do not visit the Yellow Web site + update patch

The 139 port is closed by selecting the Internet Protocol (TCP/IP) attribute in the local area Connection in network and dial-up connections, and entering advanced TCP/IP settings, WINS settings, which has a "Disable TCP/IP NetBIOS" and a check off of 139 ports To prohibit RPC vulnerabilities.


Prohibit "service" (Services.msc)
Automatic Updates enables the download and installation of critical Windows updates from Windows Update. If this service is disabled, the operating system can be manually updated on the Windows Update Web site.
Clipbook enables ClipBook Viewer to store information and share it with remote computers. If this service terminates, ClipBook Viewer will not be able to share information with the remote computer. If this service is disabled, any services that depend on it will fail to start.
Computer Browser maintains an updated list of computers on the network and provides the list to the computer to specify browsing. If the service is stopped, the list is not updated or maintained. If the service is disabled, any services that are directly dependent on this service will not start.
Distributed Transaction Coordinator coordinates transactions across multiple databases, message queues, file systems, and so on. If this service is stopped, these transactions will not occur. If this service is disabled, other services that explicitly depend on this service will not start.
DNS client resolves and buffers Domain Name System (DNS) names for this computer. If this service is stopped, the computer will not be able to resolve the DNS name and locate the Active Directory domain controller. If this service is disabled, any services that explicitly depend on it will not start.
The Error Reporting service collects, stores, and reports exception application crashes to Microsoft. If this service is deactivated, error reporting occurs only when kernel errors and certain types of user-mode errors occur. If this service is disabled, any services that depend on it will not be enabled.
Fast User Switching compatibility
Help and support enables you to run assistance and Support Center on this computer. If you stop the service, Help and Support Center will not be available. If you disable a service, any services that are directly dependent on this service will not start.
Human Interface
Human Interface Device Access enables universal input access to Human Interface Devices (HID), which activates and saves predefined hot buttons on keyboards, remote controls, and other multimedia devices. If this service is terminated, the hot button controlled by this service will no longer run. If this service is disabled, any services that depend on it will fail to start.
IPSEC Services provides end-to-end security between clients and servers on a TCP/IP network. If this service is deactivated, TCP/IP security between clients and servers on the network will be unstable. If this service is disabled, any services that depend on it will fail to start.
Messenger transmits NET SEND and alarm service messages between the client and the server. This service has nothing to do with Windows Messenger. If the service is stopped, the siren message will not be transmitted. If the service is disabled, any services that are directly dependent on this service will not start.
MS Software Shadow Copy Provider
Net Logon
Network DDE
Network DDE DSDM
NT LM Security Support Provider (manual)
Portable Media Serial Number Service
Print Spooler (Disable for automatic otherwise for printer)
Remote Desktop Help Session Manager
Remote Procedure Call (RPC) Locator
Remote registry*
Routing and Remote Access
Secondary Logon
Server enables this computer to share files, print, and named pipes across the network. These features are not available if the service is stopped. If the service is disabled, any services that are directly dependent on this service will not start.
Smart Card
SSDP Discovery Service
System Event Notification
System Restore Service
Task Scheduler
telnet* allows remote users to log on to this computer and run programs, and supports a variety of TCP/IP Telnet clients, including unix-based and Windows based computers. If this service is stopped, the remote user cannot access the program, and any services that are directly dependent on it will fail to start.
Terminal servicess*
Uninterruptible Power Supply
Windows Image Acquisition (WIA) provides image capture for scanners and cameras.
WMI performance Adapter (manually) provides performance library information to clients on the network from the Windows Management Instrumentation (WMI) provider. This service is only run when the performance data Assistant is activated.
Wireless Zero Configuration (Wireless network Configuration service) enables automatic configuration of IEEE 802.11 adapters. If this service is stopped, automatic configuration will not be available. If this service is disabled, all services that explicitly depend on it will not start.

Modify the Registration Form
Backup Regedit Export First
1. Registered editor Deactivate: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools" =dword:00000001
Enabled: Gpedit.msc Group Policy >> User Configuration >> Management Module >> System >> standard >> block access Registry Editing Tool >> disable >> OK. (Enable to modify the registry for IBID.)
2. Turn off sharing
Method batch processing or Computer Management > Shared folders
Method two [Hkey_local_machine\system\currentcontrolset\services\lanmanserver\parameters] autodisconnect 0 Turn off the default F open

Speed up the boot
[HKEY_CURRENT_USER\Control Panel\Desktop] Autoendtasks is 1 hungapptimeout for 3000

Speed off the machine
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control] WaitToKillServiceTimeout is 4000

Accelerator Menu Display
[HKEY_CURRENT_USER\Control Panel\Desktop] Menushowdelay is 0

Clear DLL file
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer]
Add one item Alwaysunloaddll the default value is 1



Hide Letter
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] The new DWORD value name is NoDrives FFFFFFFF-   All 10-e 8-d 4-c
Show Delete this DWORD value


NTFS for file encryption folder properties > Advanced > Configuration "Encrypt content to protect data" for multiple accounts to protect personal privacy


Group Policy Gpedit.msc
Group Policy >> User Configuration >> System (standard) Click Do not run the specified Windows application to enable add Cmd.exe Net.exe (otherwise disabled)

Group Policy >> Computer Configuration >> Administrative Templates >> Windows Components >> Internet Explorer "Disable automatic installation of Internet Explorer components" (software is not installed automatically *)


Local Security Settings Secpol.msc
Security Settings >> account policy >> account lockout policy account lockout value is 3 (0 is not locked)
Security Settings >> Local Policies >> User Rights Assign "access to this computer from the network" leave only Administrators
Security Settings >> Local Policies >> security Options Change Login mode etc


Set Dual Password
Administrator renamed and Guest password Change login mode
SYSKEY Update Syskey Add password

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.