How does a computer prevent hackers from invading?

the setting of a computer

1 Turn off file and print sharing

File and print sharing should be a very useful feature, but it is also a good security breach for hackers when it is not needed. So without the need for "file and print sharing," we can turn it off. Right-click Network Neighborhood, select Properties, and then click the File and Print Sharing button to remove the hooks from the two check boxes in the File and Print Sharing dialog box that pops up. Although file and print sharing is turned off, it is not guaranteed to be secure, and the registry is modified to prevent people from changing file and print sharing. Open Registry Editor and select the Hkey_current_usersoftwaremicrosoftwindowscurrentversionpolicies

Network "PRIMARY key, the key value of the new DWORD type under the primary key is named" Nofilesharingcontrol "and the key value is set to" 1 "to prevent this feature from being changed for file and print sharing, and the key value" 0 "indicates that the feature is allowed. This removes file and print sharing from the Properties dialog box in Network Neighborhood.

2. Disable the Guest account

There are a lot of intrusions through this account to further obtain the administrator password or permissions. If you don't want to give your computer to others as a toy, it's a good ban. Open the Control Panel, double-click Users and Passwords, click the Advanced tab, and then click the Advanced button to eject the Local Users and Groups window. Right-click on the Guest account, select Properties, and choose "Account deactivated" on the "General" page. In addition, renaming the administrator account can prevent hackers from knowing their administrator account, which will largely guarantee computer security.

3. Prohibit the establishment of a null connection

By default, any user can connect to the server via a null connection, enumerate the accounts, and guess the password. Therefore, we must prohibit the establishment of an empty connection. The method is to modify the registry: Open the Registry "Hkey_local_machinesystemcurrentcontrolsetcontrollsa" and change the key value of the DWORD value "RestrictAnonymous" to "1".

　　Second, the installation of the necessary security software

We should also install and use the necessary anti-black software on the computer, anti-virus software and firewalls are necessary. Open them on the internet so that even a hacker can attack our security is guaranteed.

　　Third, close the unnecessary port

Hackers often scan your computer port at the time of intrusion, and if you have a port monitor installed (such as Netwatch), the monitor will have warning prompts. If this intrusion is encountered, the tool software can be used to shut down ports that are not in use.

　　Don't return to a stranger's mail

Some hackers may impersonate some formal website name, and then make up a good reason to send a letter to you to ask you to enter the Internet user name and password, if press "OK", your account number and password into the hacker's mailbox. So don't just go back to a stranger's mail, even if he says it again, it's tempting to be fooled.

V. Change the Administrator account

The Administrator account has the highest system privileges, and once the account is exploited, the consequences are disastrous. One of the common means of hacking is to try to get the password of the administrator account, so we have to reconfigure the administrator account.

The first is to set up a powerful and complex password for the administrator account, and then we rename the Administrator account and create an administrator account that does not have admin privileges to deceive the intruder. In this way, it is difficult for intruders to figure out which account really has administrator rights, and to some extent reduce the risk.

　　Vi. Hide IP Address

Hackers often use some network detection technology to view our host information, the main purpose is to get the IP address of the host in the network. IP address is a very important concept in network security, if the attacker knows your IP address, is equal to the target for his attack, he can launch a variety of attacks on this IP, such as DOS (denial of service) attacks, Floop overflow attacks.

The primary way to hide an IP address is to use a proxy server. Compared with direct connection to the Internet, the use of Proxy server can protect the IP address of Internet users, thus ensuring the security of the Internet. The principle of a proxy server is to set up a "staging point" between the client (the computer on the Internet) and the remote server (such as the user wants to access the remote WWW server), and when the client requests a service from the remote server, the proxy server intercepts the user's request, and the proxy server forwards the This enables the connection between the client and the remote server.

Obviously, after using a proxy server, other users can only detect the IP address of the proxy server instead of the user's IP address, which realizes the purpose of hiding the user's IP address, and protects the user's Internet security. There are a lot of websites that provide free proxy servers, and you can find them by using tools such as proxy hunters.

　　Seven, prevent Trojan program

Trojan Horse program will steal the useful information in the implanted computer, so we also want to prevent hackers implanted Trojan program, commonly used methods are:

1, in the download file first put into their own new folder, and then use anti-virus software to detect, play an early preventive role.

2, in the "Start" → "program" → "Start" or "Start" → "program" → "Startup" option to see if there are unknown operation of the project, if any, delete can be. Remove all suspicious programs that are prefixed with "Run" in the registry Hkey_local_machinesoftwaremicrosoftwindowscurrentversionrun.

　Viii. Elimination of the Guest account intrusion

The Guest account, the so-called Guest account, has access to the computer, but is restricted. Unfortunately, the guest also opened the door for hacking! There are many articles on the web that have introduced how to use guest users to get administrator privileges, so avoid system intrusions based on the guest account.

Disabling or removing the Guest account is the best way to do it, but in some cases you must use the Guest account, there are other ways to do the defensive work. First, set a strong password for the guest, and then set the Guest account's access to the physical path in detail. For example, if you want to prevent guest users from having access to the tool folder, you can right-click the folder and select the Security tab in the pop-up menu to see all users who have access to the folder. Remove all users except administrators. Or you can set permissions for the appropriate user, such as "List Folder Directory" and "read", and so on, which is much more secure.

　　Nine, do a good job of IE security settings

ActiveX controls and applets have a strong function, but there is a hidden danger of being exploited, the malicious code in the Web page is often the small program written by these controls, as long as the Web page will be opened to run. So to avoid malicious page attacks only prohibit these malicious code from running.

IE provides a variety of options, the following steps: "Tools" → "internet Options" → "Security" → "Custom Level", we recommend that you disable ActiveX controls and related options. There is nothing wrong with being cautious.

In addition, we can only set the Internet, the local intranet, the trusted sites, and the Restricted sites in the security settings of IE. However, Microsoft hides the "My Computer" security setting here, and by changing the registry to turn this option on, it gives us more options for dealing with ActiveX controls and applets, and has a greater impact on local computer security.

The following are the specific methods:

1, open the Start menu, "Run" in the pop-up "Run" dialog box to enter Regedit.exe.

2, open the Registry Editor, click on the front of the "+" number in sequence to expand to: Hkey_curre-nt_usersoftwaremicrosoftwindowscurrentversioninternetsettingszones

3, in the right window to find the DWORD value "Flags", the default key value of 16 to 21 (decimal 33), double-click "Flags",

4, in the pop-up dialog box to change its key value to "1", you can close the Registry Editor. No need to restart the computer, open IE again, click the "Tools →internet option → safe" tab, you will see a "My Computer" icon, where you can set its security level. Set its security level higher, so the guard is more stringent.

5, finally recommended to their own system patch, Microsoft those patches are very useful.

Through these methods, to prevent hackers to invade their own computers, to protect their own property, information and privacy security.