How ADSL users prevent vrouters from hacker attacks

At present, more and more users are using ADSL. Because ADSL users have been online for a long time and are fast, they have become the targets of hackers. Now there are various more and more detailed "IP address libraries" on the Internet. It is very easy to know the IP addresses of some ADSL users. How can we protect our network security? Take a look at the following methods.

1. Cancel folder hiding and sharing

If you use Windows 2000/XP, right-click drive C or another disk and select share, you will be surprised to find that it has been set to share this folder ", but I cannot see the content in "Network neighbors". What is the problem?

Originally, by default, Windows 2000/XP enables hidden sharing of all partitions, select system tools, shared folders, and shared from the "control panel, administrative tools, and computer management" window ", you can see that each partition name on the hard disk is followed by a "$ ". However, if you type "computer name or IPC $", the system will ask the user name and password. Unfortunately, the password of the Administrator for most personal users is empty, intruders can easily see the content of the C drive, which poses a great risk to network security.

How can we eliminate default sharing? The method is simple. Open the Registry Editor, go to "HKEY_LOCAL_MACHINESYSTEMCurrentControlSetSevicesLanmanworkstationparameters", create a dual-byte value named "auto‑wks", set it to "0", and restart the computer, in this way, the sharing is canceled.

Ii. Reject malicious code

Malicious web pages have become one of the greatest threats to bandwidth. In the past, Modem was used because it was slow to open a webpage. Closing a malicious webpage before it was fully opened is also possible to avoid recruitment. Now the bandwidth is so fast that it is easy to be attacked by malicious web pages.

Generally, malicious web pages are destructive only when malicious code is written. These malicious codes are equivalent to some small programs, which can be run as long as the web page is opened. Therefore, to avoid malicious web page attacks, you only need to prohibit the running of these malicious code.

Run IE and click "tools/Internet Options/security/Custom Level" to define the security level as "Security Level-high ", set 2nd and 3 items in ActiveX controls and plug-ins to disabled, set other items to prompt, and click OK ". After this setting, when you use IE to browse the Web page, it can effectively avoid malicious code attacks on the malicious web page.

3. Block the hacker's "backdoor"

As the saying goes, "no wind and no waves", since hackers can access it, it means that the system must have a "backdoor" for them. As long as the backdoor is blocked and hackers have nowhere to start, there will be no worries!

1. Delete unnecessary protocols

Generally, only the TCP/IP protocol is enough for servers and hosts. Right-click "Network Neighbor", select "attribute", right-click "Local Connection", and select "attribute" to uninstall unnecessary protocols. NETBIOS is the root cause of many security defects. For hosts that do not need to provide files or print shared files, you can also disable NETBIOS bound to the TCP/IP protocol to avoid NETBIOS attacks. Select "TCP/IP protocol/properties/advanced", enter the "Advanced TCP/IP Settings" dialog box, select the "WINS" tab, and select "Disable NETBIOS on TCP/IP, disable NETBIOS.

2. Disable "file and print sharing"

File and print sharing should be a very useful function, but it is also a good security vulnerability that hackers intrude into when they do not need it. So we can disable "file and print sharing. Right-click "Network Neighbor", select "properties", and click "file and print sharing, remove the hooks in the two check boxes in the pop-up "file and print share" dialog box.

Although "file and print sharing" is disabled, it cannot ensure security. You need to modify the registry and prohibit others from changing "file and print sharing ". Open the Registry Editor, select the "HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesNetWork" primary key, and create a New DWORD type key value. The key value is "NoFileSharingControl" and the key value is "1, in this way, the "file and print sharing" cannot be changed. If the key value is "0", this function is allowed. In this way, "file and print sharing" no longer exists in the "properties" dialog box of "Network Neighbor.

3. Disable the Guest account

Many intrusions use this account to further obtain the administrator password or permissions. If you don't want to use your computer as a toy for others, you can still deny it. Open the control panel, double-click "user and password", click the "advanced" tab, and then click the "advanced" button. The local user and group window is displayed. Right-click the Guest account, select properties, and select "Account Disabled" on the "General" page ". In addition, renaming Administrator accounts can prevent hackers from knowing their Administrator accounts, which ensures computer security to a large extent.

4. Do not create a null connection

By default, any user can connect to the server through an empty connection, Enumerate accounts, and guess the password. Therefore, we must disable NULL connections. There are two methods:

The first method is to modify the Registry: Open the Registry "HKEY_LOCAL_MACHINESystemCurrentControlSetControlLSA" and change the key value of DWORD "RestrictAnonymous" to "1.

Finally, we suggest you patch your system. Microsoft's endless patches are still very useful!

Related Articles]

• 10 seconds for ADSL routers to prevent hacker attacks