Every year, the Microsoft Security Response Center investigates thousands of security reports. In some cases, when a report turns out to describe a security vulnerability caused by a product defect, Microsoft develops a patch as soon as possible to fix the error (see Microsoft Security Response Center). In other cases, the reported problems are caused only by human error in using the product. Many cases fall between the two: they concern real security issues, but the issues are often not caused by product defects. Over the past few years, Microsoft has developed a list of such problems, known as the "Ten unchanged security rules".
Do not wait for patches to protect you from the issues discussed below. Microsoft and other software vendors cannot completely fix these problems, because they arise from the way computers operate. But do not despair entirely: sound judgment is the key to keeping these problems from happening to you. If you keep these rules in mind, you can significantly improve the security of your system.
Rule 1: If a motivated person can persuade you to execute his program on your computer, the computer will no longer belong to you.
This is an unfortunate fact of computer science: when a computer program is executed, it does what its instructions say, whether or not they are harmful. When you choose to execute a program, you entrust control of the computer to that program. Once the program is running, it can do anything, up to the limits of what you yourself can do on the computer. The program can monitor your keystrokes and send them to a website, open every file on the computer, change the word "yes" to "no" in all of your files, send rude emails to all of your friends, install a virus, create a "backdoor" that lets others remotely control your computer, connect to an ISP in Kathmandu, Nepal, or format your hard disk.
So this is very important: never execute, or even download, programs from untrusted sources, where "source" means the person who wrote the program, not the person who gave it to you. Executing a program is a lot like eating a sandwich: if a stranger comes up to you and hands you a sandwich, will you eat it? Probably not. What if your best friend gives you a sandwich? You may or may not eat it. It depends on whether she made it herself or picked it up on the road. Apply the same judgment to a program that you would to the sandwich, and you will usually be safe.
Rule 2: If a motivated person can change the operating system on your computer, the computer will no longer belong to you.
In the end, the operating system is only a series of 0s and 1s. When the processor interprets them, the computer does a specific thing. Change the 0s and 1s, and it does something different. Where are those 0s and 1s stored? On the computer, right along with everything else! They are just files, and if other people who use the computer can change those files, that is not good.
To understand why, consider that operating system files are the most trusted files on the computer and usually execute with system-level privileges, which means they can do anything. Among other things, they are trusted to manage user accounts, process password changes, and enforce the rules about who can do what. If a motivated person changes these files, they become untrustworthy and will do whatever this person tells them to do, so there is nothing he cannot do. He can steal passwords, make himself the system administrator of the computer, or add new features to the operating system. To prevent this type of attack, make sure that the system files (and logon files) are fully protected (the security checklist on the Microsoft Security website will help you do this).
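One way to check that protection on a Windows machine, as an added example that is not part of the original article: the PowerShell function below lists executables, libraries and drivers in System32 whose ACL grants a write-type right to any account outside a small trusted set. The function name `Get-WritableByUntrusted` and the choice of trusted SIDs are assumptions made for this illustration.

```powershell
# Added example: report system files that an untrusted account is allowed to modify.
# Assumption: only these three well-known SIDs should hold write access to system files.
$trustedSids = @(
    'S-1-5-18',      # NT AUTHORITY\SYSTEM
    'S-1-5-32-544',  # BUILTIN\Administrators
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'  # NT SERVICE\TrustedInstaller
)

# Rights that let a principal change a file's content or its protection.
$writeMask = [System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, WriteAttributes, WriteExtendedAttributes, Delete, ChangePermissions, TakeOwnership'

function Get-WritableByUntrusted {
    param([string]$Directory = (Join-Path $env:windir 'System32'))

    Get-ChildItem -LiteralPath $Directory -File -ErrorAction SilentlyContinue |
        Where-Object { $_.Extension -in '.exe', '.dll', '.sys' } |
        ForEach-Object {
            $file = $_
            try { $acl = Get-Acl -LiteralPath $file.FullName -ErrorAction Stop }
            catch { return }   # ACL not readable: skip this file
            foreach ($rule in $acl.Access) {
                if ($rule.AccessControlType -ne 'Allow') { continue }
                if (($rule.FileSystemRights -band $writeMask) -eq 0) { continue }
                # Compare by SID so the check does not depend on localized account names.
                try {
                    $sid = $rule.IdentityReference.Translate(
                        [System.Security.Principal.SecurityIdentifier]).Value
                } catch { $sid = $rule.IdentityReference.Value }
                if ($sid -notin $trustedSids) {
                    [pscustomobject]@{
                        File     = $file.FullName
                        Identity = $rule.IdentityReference.Value
                        Rights   = $rule.FileSystemRights
                    }
                }
            }
        }
}

Get-WritableByUntrusted | Format-Table -AutoSize
```

An empty result means no file in the scanned directory grants write-type access outside the trusted set; any row returned is a file that an account other than those three could alter.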
Rule 3: If a motivated person has unlimited physical access to your computer, the computer will no longer belong to you.
If a motivated person can get at your computer, he can do a lot of things. Here are some examples, ranging from the Stone Age to the space age:
· He can launch an extremely low-tech denial-of-service attack and smash your computer with a sledgehammer.
· He can unplug the computer, carry it out of the building, and hold it for ransom.
· He can boot the computer from a disk and reformat your hard disk. But wait, you say, "when the computer is turned on, the BIOS prompts for a password." That is no problem. He can open the computer case, change the system hardware, and replace the BIOS chip (in fact, there are many easier ways).
· He can remove your hard disk from your computer, install it in his own computer, and read the contents.
· He can copy your hard disk and take the copy back to his lair. There, he has plenty of time for brute-force attacks, such as trying every possible login password. Programs are available to automate this job. Given enough time, there is no doubt that he will succeed. Once he does, Rule 1 and Rule 2 apply.
· He can replace your keyboard with one that contains a wireless transmitter and monitor everything you type, including your password.
Always make sure that a computer's physical protection is proportional to its value, and remember that a computer's value includes not only the hardware but also the data on it and the value, to a person with bad intentions, of access to your network. Business-critical machines should at least be kept in a locked data room that only system administrators or maintenance personnel can enter. However, you may also need to consider protecting other computers and using additional protection measures.
If you travel with a notebook computer, protecting it is absolutely essential. The small size, light weight, and other characteristics that make notebook computers good travel companions also make them very easy to steal. Locks and alarms are currently available for notebook computers. Some models also let you remove the hard disk and carry it with you. You can also use features such as the Windows 2000 Encrypting File System, which limits the damage if someone does succeed in stealing the computer. However, the only way to be fully certain that your data is safe and the hardware has not been tampered with is to keep the laptop with you at all times when you travel.