More netizens should be home users, but our home users are often the most "hackers" attack the place, why do I This "hacker" to make quotes? Because the real hackers are not going to invade our private computers, only the rookie, Garbage will do so, but they call themselves hackers, so quote!
So how do you deal with these rookies? In fact, it is very simple, such as the closure of 135,139,445 ports, in fact, now the telecommunications have been 35,139,445 of these ports have been sealed, but the same network segment can be swept! There are some other places we also need to set up, so as to sleep more peace of mind!
1, prohibit the IPC null connection
Cracker can use the net using command to establish an empty connection, and then intrusion, and net View,nbtstat these are based on the null connection, the prohibition of NULL connection is good. Open the registry and find local_machine\system\currentcontrolset\control\lsa-restrictanonymous to change this value to "1".
2. Prohibit at command
Cracker often give you a Trojan horse and then let it run, then he needs at command. Open Administrative Tools-Services, disable Task Scheduler services.
3. Turn off Super Terminal Services
If you open it, the loophole is rotten.
4. Close SSDP Discover Service
This service is primarily used to start the UPnP device on the home networking device, and the service will also start Port 5000. Can cause a DDoS attack, allowing the CPU to use up to 100%, causing the computer to crash. Supposedly no one will bother to do the personal machine DDoS, but the use of the process is also very occupied bandwidth, it will continue to send packets to the outside, affecting the network transmission rate, so it is closed good.
5. Close Remote Registry Service
Let's see. Allow remote modification of the registry?!
6. Disable NetBIOS on TCP/IP
Network Places-Properties-Local Area Connection-Properties-internet protocol (TCP/IP) Properties-Advanced-wins panel-netbios Settings-disables NetBIOS on TCP/IP. This way cracker cannot use the nbtstat command to read your NetBIOS information and the NIC MAC address.
7. Turn off DCOM service
This is 135 port, in addition to being used as a query service, it can also cause a direct attack, the Shutdown method is: In the runtime input dcomcnfg, in the Pop-up Component Services window to select the default attribute tag, cancel "Enable Distributed COM on this computer" can be.
8. Change the permissions of shared files from "Everyone" group to "authorized user"
"Everyone" in Win2000 means that any user who has access to your network will be able to access the shared information. Do not set the users who share files to the Everyone group at any time. Including print sharing, the default property is "Everyone" group, must not forget to change.