Protect win system from metasploit attacks

I have previously written an article "metasploit penetration defense ultimate manual" under linux to defend against metasploit attacks. winxp is the main victim. I would like to give some personal opinions here, I hope to help you with the following:

1. You must install a firewall as long as it is mainstream. Strict control requires Internet connection. Applications and ports that need to be opened should not be squinted and agreed at will (I have this habit as long as the firewall intercepts it. I will directly agree to allow)

2. install anti-virus software. Little red umbrella is good and free of charge.

3. Install the "micro-point active defense software" at http://www.micropoint.com.cn/mpdownload.php. The online introduction is correct. Dealing with metasploit

4. Enable the win dep data protection function without affecting compatibility. Right-click my computer properties and choose advanced> performance> data protection:

DEP requirements for hardware implementation

To implement DEP using hardware, all of the following conditions must be met:

1. The computer's processor must support hardware implementation DEP.
   
   Many new processors Support Hardware Implementation DEP. Advanced Micro Devices (AMD) and Intel Corporation have defined and provided architectures that are compatible with both Windows and DEP. This type of processor supports either NX (Execution prohibited) or XD (Execution disabled) technology. To determine whether the computer processor supports hardware implementation DEP, contact the computer manufacturer.
2. DEP must be enabled in the BIOS.
   
   In the BIOS of some computers, DEP processor support for hardware can be disabled. You cannot disable this feature. The options used to disable this support may be marked as "Data Execution Protection", "XD", "execution disabled", or "NX", depending on the computer manufacturer.
3. Windows XP Service Pack 2 or Windows Server 2003 Service Pack 1 must be installed on your computer.
   
   Note:: Both Windows 32-bit and 64-bit versions Support Hardware Implementation DEP. Windows XP Media Center Edition 2005 and Microsoft Windows XP Tablet PC Edition 2005 include all functions and components of Windows XP SP2.
4. The hardware implementation DEP must be enabled for programs on the computer.
   
   In the 64-bit version of Windows, the hardware implementation DEP is always enabled for 64-bit local programs. However, a 32-bit program may have been disabled for hardware implementation DEP, depending on your configuration.

For more information about DEP and DEP configurations and a list of Windows operating systems that support hardware DEP, click the following article number to view the article in the Microsoft Knowledge Base:

875352 (http://support.microsoft.com/kb/875352/) Windows XP Service Pack 2, Windows XP Tablet PC Edition 2005, and DEP in Windows Server 2003

For information about how to configure memory protection in Windows XP Service Pack 2, visit the following Microsoft Website:

Http://www.microsoft.com/china/technet/security/prodtech/windowsxp/depcnfxp.mspx

How to check whether hardware DEP in Windows is available

To check whether the hardware DEP in Windows is available, use either of the following methods.

Method 1: Use the Wmic command line tool

You can use the Wmic command line tool to check the DEP settings. To determine whether DEP is available for hardware implementation, follow these steps:

1. Click Start and run, Type cmd in the open box, and click OK ".
2. At the command prompt, type the following command and press Enter: wmic OS Get DataExecutionPrevention_Available. If the output is "TRUE", DEP is available for hardware implementation.

To determine the current DEP support policy, follow these steps.

1. Click Start and run, Type cmd in the open box, and click OK ".
2. At the command prompt, type the following command and press Enter: wmic OS Get DataExecutionPrevention_SupportPolicy. The returned value is 0, 1, 2, or 3. This value corresponds to one of the DEP support policies described in the following table.

Collapse the table and expand the table.

DataExecutionPrevention_SupportPolicy Attribute Value	Policy level	Description
2	OptIn (default configuration)	DEP is applied only for Windows components and services.
3	OptOut	Enable DEP for all processes. The administrator can manually create a list for a specific application that does not apply DEP.
1	AlwaysOn	Enable DEP for all processes.
0	AlwaysOff	Disable DEP for all processes.

Note:: Check whether hardware DEP is enabled for Windows.Win32_OperatingSystemClassDataExecutionPrevention_DriversAttribute. In some system configurations, you can use/NopaeOr/ExecuteDisable hardware DEP. To check this property, type the following command at a command prompt:

Wmic OS Get DataExecutionPrevention_Drivers 5. Finally, try to use a non-toxic xp. patch the latest vulnerability in the original version. Currently, many ghost versions have multiple backdoors. If you need to use anti-virus software first, scan the trojan software for full antivirus purposes .. After the above reinforcement, we have basically won't have much problem with win. May we attack it on principle?

From: http://cookingbsd.blog.51cto.com/5404439/988988