Teach you seven great tricks. Preventing illegal intrusion under Windows system

Source: Internet
Author: User
Tags exit

First Trick: Screen saver

After screen saver is enabled in Windows, the screen saver will automatically start as soon as we leave the computer (or not operate the computer), and the system opens a password confirmation box when the user moves the mouse or clicks the keyboard to return to normal working state. Only after you have entered the correct password can you return to the system, and users who do not know the password will not be able to enter the working state, thereby protecting data security.

Hint: Part of the design of the imperfect screen saver does not shield the system's "Ctrl+alt+del" key combination, so you need to set the completion test whether the program exists this significant bug.

However, screen protection can only be started automatically after the user leaves for 1 minutes, do we have to sit next to the computer and wait for n minutes to see screen saver activation before we leave? In fact, we just open the system subdirectory inside the Windows installation directory and find the appropriate screen saver ( Extension is SCR, hold down the right mouse button to drag them to the desktop, select the "Create shortcut in Current Location" command in the pop-up menu, and create a shortcut to the screen saver on the desktop.

After that, we can quickly start screen protection by double-clicking this shortcut when we leave the computer.

The second trick: cleverly hide the hard drive

In the By Web Page view mode, a warning message pops up when you go into the Windows directory. If you modify the contents of this folder to cause the program to run abnormally, to view the contents of the folder, click Show Files, and then click Show Files to enter the directory. The reason is that there are Desktop.ini and Folder.htt two files under the Windows root. Copy these two files to the root of a drive (since these two files are hidden files, you must click the View tab in the Folder options before you can see the two files). Then press the "F5" button to refresh and see what happened, as is the case when entering the Windows directory.

Next we use Notepad to open the Folder.htt, a file written in HTML, and use your imagination to modify it.

It doesn't matter if you don't know the HTML language, first find "show file" Delete it, find "modify the inside of this folder may cause the program to run abnormally, to see the contents of the folder, click the Display file", change it to your favorite text, such as "Safe place, unauthorized people, please leave quickly."

To view the contents of this folder, click to change to "otherwise, the consequences are at your own!", and then drag the slider down to line 9th and find "(file://%TEMPLATEDIR% wvlogo.gif)" This is the path to the lower right corner of the gear picture when the warning message is displayed. Change it to the path of your own picture, such as "d:tupiantupian1.jpg" to replace "//", remember that you must print the suffix name of the picture, otherwise the picture will not appear.

Of course, you can also use such as Dreamweaver, FrontPage, such as Web tools to make better results, and then just copy the original file to the following text, cover the original file "~" between the content can be.

*this file is automatically generated by Microsoft Internet EXPlorer 5.0

*using the file%thisdirpath%folder.htt.

Save and exit, press "F5" key to refresh, is not very personality? The next thing to do is to use the "Super Rabbit" to hide the drive you want, without restarting, you can enjoy your work.

Finally tell you a recruit more absolutely, is simply folder.htt the original file "~" between the contents of all deleted, so that will give the person who opened your drive to create an illusion that this is an empty drive, so that the file is more secure.

The third trick: Disable the Start menu command

Group Policy features are integrated in Windows 2000/XP, and Group Policy allows you to set up a variety of software, computers, and user policies to enhance the security of your system in some way. Run the start → Run command, enter gpedit.msc in the open field of the Run dialog box, and then click OK to start the Windows XP Group Policy Editor.

In local computer policy, expand the user configuration → administrative templates → Taskbar and Start Menu branch, and provide relevant policies for the taskbar and Start menu in the right window.

When you disable the Start menu command, in the right window, you provide strategies for removing the common program Group on the Start menu, the My Documents icon, the document menu, the Network Places icon, and so on. To clean up the Start menu, just turn on the policy for unwanted menu items, such as removing the My Documents icon, for example, with the following steps:

1 in the Policy List window, double-click the Remove my document icon from Start menu option.

2 In the Settings tab of the pop-up window, select the Enabled radio button, and then click OK.

Four: desktop-related options are disabled

Windows XP desktop is like your desk and sometimes needs to be sorted and cleaned. With the Group Policy Editor, this work becomes easy, as long as you expand the user configuration → administrative Templates → Desktop branch in local computer policy to display the appropriate policy options in the right window.

1 Hide the desktop System icon

If you hide the System icon on the desktop, the traditional method is to modify the registry through the way to achieve, this is bound to cause a certain degree of risk, the use of Group Policy Editor, you can quickly and easily achieve this goal.

To hide the Network Places and Internet Explorer icons on your desktop, you can turn on the two policy options on the Hide Desktop Network Neighborhood icon and hide Internet Explorer icons on the desktop in the right window. If you hide all the icons on your desktop, you can just turn on the hide and disable all items on the desktop.

When you enable the "Remove my document icon on desktop" and "delete My Computer icon on desktop" two options, the "My Computer" and "My Documents" icons will disappear from your computer desktop. If you no longer like the "Recycle Bin" icon on your desktop, you can also delete it by enabling the "Remove Recycle Bin from desktop" policy entry.

2 prohibit certain changes to the desktop

If you don't want anyone else to change the settings on your computer's desktop, enable the "Do not save settings when exiting" option in the right window. When you enable this setting, other users can make some changes to the desktop, but some changes, such as the icon and the location of the open window, the location and size of the taskbar, cannot be saved after the user logs off.

Recruit: Prohibit access to Control Panel

If you do not want other users to access the computer's control panel, you simply run the Group Policy Editor, expand the local computer policy → user Configuration → admin templates → Control Panel branch in the left window, and then turn on the "Prohibit Access Control Panel" policy on the right window.

This setting prevents Control Panel program files from starting, and the result is that others will not be able to start Control Panel or run any control Panel items. In addition, this setting removes Control Panel from the Start menu, and this setting also removes the Control Panel folder from Windows Explorer.

Tip: If you want to select a control Panel item from the context menu's property item, a message appears stating that the setting prevents this action.

Trick Six: Set user permissions

When multiple people share a single computer, set user rights in Windows XP, follow these steps:

1 run the Group Policy Editor program.

2 Expand the "Computer Configuration →windows settings → security settings → local policies → user Rights Assignment" branch in the left window of the editor window.

3) Double-click the user right that you want to change by clicking the Add User or Group button, and then double-click the user account you wish to assign to the permission, and then click OK to exit.

Seventh Recruit: Folder Setup Audit

Windows XP can use audit trails to access user accounts for files or other objects, logon attempts, system shutdown or restart, and similar events, while auditing files and folders under NTFS partitions can guarantee the security of files and folders. To set up auditing for files and folders, follow these steps:

1 in the Group Policy window, expand the "Computer Configuration →windows settings → security settings → Local Policies" branch in the right window and select the Audit Policy option under that branch.

2 in the right window, double-click the Audit object access option in the mouse.

3 Right-click the file or folder you want to audit, select the pop-up menu Properties command, and then select the Security tab in the pop-up window.

4 Click the Advanced button and select the Audit tab.

5 Depending on the circumstances, choose your operation: If you set up auditing for a new group or user, you can click the Add button and type a new user name in the Name box, and then click OK to open the Audit Entry dialog box.

To view or change an existing group or user audit, you can select a user name and then click the View/Edit button.

To delete an existing group or user audit, you can select a user name and then click the Delete button.

6 If necessary, select the place you want to audit in the Apply to list in the Audit Entries dialog box.

7 If you want to prevent files and subfolders in the tree from inheriting these auditing entries, select the Apply these auditing items only to objects and/or containers within this container check box.

Note: You must be a member of the Administrators group or a user who is authorized in Group Policy to have the Manage auditing and security log permission to audit files or folders. Before Windows XP audits files, folders, you must enable Audit object access for Audit policy in Group Policy. Otherwise, when you set up file, folder audit will return an error message, and files, folders are not audited.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.