Today, we will introduce security vulnerabilities. Considering the blog reader group, this article is mainly intended for Windows desktop operating systems and should be as simple as possible. If you are familiar with security, skip this article to avoid wasting your time.
★Several Basic Concepts
◇ What is a vulnerability?
The so-called "vulnerability" is, in short, the software and hardware defects that may cause various problems (IT is called a Bug ). You must know that nothing can be perfect, and software and hardware systems are no exception (after all, programmers/engineers who develop software and hardware systems are also mortal and may make mistakes ).
◇ What is a security vulnerability?
Among the defects mentioned above, those that will be exploited by attackers and thus cause security problems are the so-called "security vulnerabilities ".
◇ What is a patch?
The patch is a very vivid statement. If your clothes break through a hole, you only need to make a patch and do not need to replace the whole dress. Similarly, if one of your software has a vulnerability, you only need to apply a patch and do not need to reinstall the new version of the software. In most cases, patches and vulnerabilities are matched.
◇ What is an attack program?
To exploit a security vulnerability, a hacker needs to run a program called an attack program (or an attack code "). The relationship between attack programs and patches is like the relationship between spear and shield.
★Classification of Security Vulnerabilities
In addition to the above basic concepts, you also need to know the classification of security vulnerabilities.
◇ Category by software type
Based on the types of software with vulnerabilities, vulnerabilities can be classified into "operating system vulnerabilities" and "application software vulnerabilities.
The so-called "operating system vulnerabilities" are the security defects of the operating system.
The so-called "application software vulnerabilities" are the security defects contained in the software you install.
◇ Classification by attack code location
Vulnerabilities can be classified into "Remote Vulnerabilities" and "local vulnerabilities" for attack programs.
The so-called "Remote Vulnerability" means that an attacker only needs to execute an attack program on another machine to recruit your computer.
The so-called "local vulnerability" means that the attacker's attack code must be executed on your machine.
★Vulnerability Prevention Measures
For the different categories of vulnerabilities, I will introduce several basic and common prevention methods.
◇ Personal Firewall
Personal firewalls are mainly used to prevent "Remote Vulnerabilities". For "local vulnerabilities", firewalls are basically not helpful.
Most remote vulnerabilities exist in the listener ports opened by your machine. The personal firewall can prevent these ports from being opened to the outside, so as to prevent potential vulnerabilities from being exploited by attackers.
Since Windows 2000, Microsoft has built firewall functions in the operating system. For Windows XP and later versions, you can open it directly in the control panel.
You can also install third-party firewall software. Recommended InstallationForeignSuch as KIS, Symantec, and ZoneAlarm of Kaspersky (Kaspersky. Do not useChinaFirewall Products
If your computer is only used for surfing the Internet, chatting, watching movies, and using office software, you can set the firewall to not open any external ports. In this way, even if your computer has a remote vulnerability, it cannot be exploited by attackers.
◇ Regular system updates
Windows has been prone to many vulnerabilities-after all, the user base is too large to be targeted by hackers. So many years ago, Microsoft began to provide Windows patches on a regular basis. The specific method is to release patches for newly discovered vulnerabilities on the second Tuesday of every month. In addition, how to detect high-risk vulnerabilities will also temporarily release emergency patches.
From Windows 2000, The system supports automatic patch upgrade. You only need to enable the "Auto Update" function in the "control panel" and then select the "Auto" mode. Make sure that the system's "automatic update" mechanism is enabled. This can block many operating system vulnerabilities and reduce the risk of attacks.
Automatic update is not unique to Windows. In addition, some Linux desktop systems (such as Ubuntu) with relatively large user groups also provide the function of automatically updating security patches. If you are using this type of system, you can also
◇ Enable Automatic Software Update
Some well-developed software will have built-in automatic update functions (such as Firefox, Google Toolbar, and so on). Once its official website has a new version or patch, it will automatically download and update it. If you are concerned about the security of such software, you can enable their automatic update function.
◇ Use niche Software
As the saying goes. The more well-known the software, the more likely it will attract the attention of hackers. The probability of Security Vulnerabilities discovered will also increase.
For example, Internet Explorer has the largest user group, and Trojan attacks against Internet Explorer vulnerabilities are the most common among various browsers. Firefox has fewer, while Chrome and Safari have fewer.
For example, Adobe Reader has many vulnerabilities exposed in the same PDF Reader. Comparatively, there are no such problems as "Foxit Reader" and "PDF-XChange Viewer.
Let's talk about the basic prevention of Security Vulnerabilities today. Considering the recent surge in Web attacks, the next post in this series will discuss Web-related topics.