Address: http://www.bkjia.com/Article/200905/38097.html
In the previous articles, the author introduced to you the lack of relying solely on system patches and necessary security settings to "streaking" the Internet without installing any anti-virus software or firewall tools, we have introduced the periodicity and timeliness of system patch release, illegal installation of page plug-ins, and malicious attacks of Forum scripts, I believe many readers have a clear understanding of the security of this "streaking" Internet access. Of course, there are more than these security risks in "streaking" online. Today, I will be saving resources and "streaking" online to see if everything is okay (next) this article will continue to introduce several other security risks during "streaking" Internet access.
1. software package into the system is inevitable:
Sometimes, when installing software, we may find that many unwanted programs are also integrated into our system. This is because many rogue software and malicious plug-ins are hidden in the installation programs of formal software, through packaging and integration, these illegal programs can be entered into the system silently when we install formal software.
It is difficult to avoid entering the system through software packaging, especially when we "streaking", there will be no prompts during the installation process, and the corresponding illegal programs will enter the system with a brain. (1)
Advantage: If we have installed a firewall or anti-virus software, when the software involved in the installation process tries to write any information to the system registry, anti-virus software will immediately prompt the program to be modified and the location to be modified, in this way, we can disable the write operation to the registry according to the actual situation, so that illegal programs cannot affect our system.
I suggest that for general users, it is very concealed to package the software into the system. We must use the real-time monitoring function to prevent illegal programs from entering the system along with the formal software. In this regard, rising and Kaspersky are doing well, but Kaspersky occupies a slightly larger resource. Therefore, for illegal software packaging and installation, rising real-time monitoring can effectively solve the above problems. (2)
2. Microsoft update takes care of the following:
Next we will talk about the limitations of Microsoft's official Windows update patch objects. To put it bluntly, he is only responsible for patch updates for Microsoft-related products, and basically for windows operating systems, office software, SQL server database programs, and other products developed by Microsoft. If they are products of other companies or third-party software, vulnerability patches are not the objects of Windows update.
In this way, there is a problem, even if we use Windows update to make up for all the relevant patches, if there are other network programs in our system, network applications may also have vulnerabilities, in practice, security problems are also caused. Viruses and hackers can intrude into "streaking" systems through these vulnerabilities. At the same time, network viruses such as ARP spoofing will not give up attacks due to windows update updates. Their implementation mechanism is irrelevant to system vulnerabilities, under normal circumstances, a LAN without a MAC address or an IP address is under attack and cannot access the Internet smoothly.
However, anti-virus software or related security tools can help us to fix and compensate for existing software vulnerabilities from these software. We can use relevant software to perform security scans on non-Microsoft software and programs in the system. After discovering the versions with vulnerabilities, we will be prompted to upgrade and fix them. (3)
The advantage of not streaking-security software or anti-virus software can be used to scan security of all software and programs and make up for vulnerabilities. Compared with windows update, such protection is more secure, I believe that the patches provided by windows update cannot completely solve all security problems of the system.
I suggest that: when scanning software and other rogue programs, we should generally choose domestic anti-virus software or security tools, because in terms of performance, these programs are more familiar with China's national conditions, it can scan mainstream software vulnerabilities in China and immediately fix the defects of these third-party software and applications. For example, I often use the Kingsoft vulnerability repair function to scan system vulnerabilities and Software defects and install related vulnerability patches. (4)
3. Microsoft UPDATE often gets confused ":
In addition to taking care of Microsoft update, Microsoft update's automatic updates are often confused ". The most typical issue is that you need to install corresponding update patches for certain vulnerabilities in your system, but Windows update does not prompt the existence of these vulnerabilities.
I have encountered such a problem. I scanned the local system via Microsoft's windows update official update page and found that only two vulnerabilities exist. net framework 3.5 is installed and updated, and the other is for office 2003. Other Security Vulnerability scanning tools detect Six vulnerabilities, in addition, many security levels are "important ". This is a typical example of Microsoft UPDATE's "confused. (5)
So why is this problem? I think there are two possible reasons: First, Microsoft Windows update has an error in scanning the local machine, and I think the corresponding patch has been updated or the corresponding vulnerability does not exist, this is related to the scanning mechanism of Windows update, which cannot be changed in a short time. Second, some patches may have selected the "never prompt me to install these patches" option during previous installation, in this way, no matter which method we use for windows update in the future, these patches will no longer prompt installation.
Advantage of not streaking-the system scan of security software or anti-virus software can be used for Comprehensive scanning of system security, and this scan will not be affected by windows update settings, the overall scanning process is quite comprehensive and accurate.
4. crisis caused by human setting:
In addition to Windows update, improper manual operations may also lead to security risks, such as accidentally enabling the guest account or setting the password for the system administrator account is too simple, these will bring security issues to the local machine. Even if our system does not have any vulnerabilities, intruders can easily access the user's computer system through weak passwords and empty passwords to snoop user privacy.
Manual setup includes not only system accounts, but also management account protection for some software, especially network software. For example, when the FTP service is enabled, the loss of FTP administrators is no less serious than the loss of system administrators. In the streaking status, these improper human settings will not be noticed by us. We need corresponding security tools to help us make up for these manual setup problems.
The advantage of not streaking-the use of software to solve manual setup defects requires that even Senior Network Security Engineers cannot ensure that their settings do not have any problems. Many hacker tools can use a little lack of setup to perform cross-Permission attacks. Therefore, the crisis caused by manual setup is also huge.
5. Disabling automatic running is not omnipotent:
Finally, I want to talk about the security of the USB flash drive. Many users with certain security technologies, especially those who are "streaking", have determined that the best way to prevent the USB flash drive virus is to disable automatic playback, run automatically, and right-click and select "open" to view the content of the USB flash disk. In fact, this method of disabling Automatic Running can play a certain effect, and it can avoid system intrusion by loading its own viruses by means of automatic running. However, this method is also not omnipotent, right-click the USB flash drive and select "open" or the directory in it to be infected. Some viruses use file preview and other functions to invade the system.
Therefore, disabling automatic running is not a panacea. We also face huge security problems. right-clicking this option is only suitable for preventing viruses that use autorun. ini for attacks.
Advantage of not streaking-the USB flash drive immune or USB flash drive monitoring tool can disable access to system directories, files, and processes while enabling the USB flash drive, so as to cut off the spread media of the USB flash drive virus at the first time, makes our system more secure.
Vi. Summary:
In any case, it is unwise to simply rely on windows update and limited security measures to "streaking" on the Internet. The crisis of "streaking" is huge, after all, there are many ways to spread viruses and hackers. Using windows update to make up for vulnerabilities can only prevent more than 90% of vulnerability-type viruses to the maximum extent, other types of viruses and malware cannot work. This is why many "streaking" people are still infected with viruses. Therefore, I hope that this article will help you eliminate mistakes and alert users who are still "streaking" online. Do not trust windows update too much. After all, his role is still quite limited.