Do you still remember the dangers of the "Shock Wave" virus? The cause of the "Shock Wave" virus is the vulnerability of the LSA service. It is a very important service in Windows. All security authentication-related processing must pass this service. When the virus gains control over the system, it opens a port and binds cmd.exe. Then it connects to the system and transmits the worm to the system directory through ftp. After the transmission is complete, the worm file will be executed, and the system will begin to experience some poisoning exceptions. It can be seen that vulnerabilities are becoming an important gap in virus attacks. We must have a certain understanding of Windows operating system vulnerabilities and patches. If we can predict system defects and make hackers have nowhere to start, isn't it amazing? Let's take a look at some techniques to prevent unknown vulnerabilities. I. vulnerabilities and patches 1. Basic vulnerability knowledge 2. What patches have been installed in the vulnerability detection method system. We need to be aware of them and how can we obtain such information? Microsoft has a set of free system testing tools "Microsoft Baseline Security Analyzer (MBSA)" with the software: http://www.microsoft.com/technet/security/tools/mbsahome.mspx. It can determine which software updates have been installed on the server and workstation of the enterprise. MBSA will report uninstalled security updates and Service packs to the system, the vulnerability is identified by installed operating systems such as Windows Server 2003, Windows XP, Windows 2000, and Windows NT. Install this software. After scanning the system, a detection report is generated, which lists all vulnerabilities and vulnerabilities in the system. After the software is installed, click Start on the displayed page to Start scanning. Scan completed, as shown in 1.
Figure 1 3. Deployment of LAN internal vulnerability Prevention Service http://go.microsoft.com/fwlink? LinkId = 22337 windowsserversystem/sus/default. mspx "> callback. It should be noted that the SUS service only provides key updates. if the version is higher, it is not in this service scope. However, Microsoft will launch SUS2.0 this year, and its powerful functions are also worth looking forward. 2. Stop unnecessary services
Figure 2
Display name |
Description |
|
Notifies the selected user and computer of system management-level alarms. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<