Top 10 tactics for broadband users to prevent "hacker" attacks

Source: Internet
Author: User
Tags strong password

With the simplification and foolproof nature of hacking tools, a large number of low-tech users can also use hacking tools in their hands to launch attacks (these people are also known as "gray customers "), our internet security has been greatly threatened. Can we be forced to beat them? Of course not. As long as the settings are well set, these people cannot help us! Please refer to the ten methods described in this article.

1. Hide IP addresses

Hackers often use some network detection techniques to view our host information. The main purpose is to obtain the IP addresses of hosts on the network. IP address is a very important concept in terms of network security. If an attacker knows your IP address, it is equal to preparing a target for his attack. He can launch various attacks on this IP address, such as DoS and Floop overflow attacks. The main method to hide an IP address is to use the proxy server.

Compared with direct connection to the Internet, proxy servers can protect the IP addresses of Internet users, thus ensuring Internet security. The principle of proxy server is to set up a "Transfer Station" between a client (a computer on which the user accesses the Internet) and a remote server (for example, a user wants to access a remote WWW server ", after the client requests a service from the remote server, the proxy server first intercepts the user's request and then forwards the service request to the remote server to realize the connection between the client and the remote server. Obviously, after using the proxy server, other users can only detect the IP address of the proxy server rather than the IP address of the user. This achieves the purpose of hiding the user IP address and ensuring the security of the user's Internet access. There are many websites that provide free proxy servers. You can also search for them using tools such as proxy hunters.

2. disable unnecessary ports

Hackers often scan your computer ports during intrusion. If a port monitoring program (such as Netwatch) is installed, the monitoring program will receive a warning. In the event of such intrusion, tools and software can be used to close ports that are not in use. For example, use "Norton Internet Security" to close ports 80 and 443 used to provide web services, other ports that are not commonly used can also be disabled.

3. Change the Administrator account

The Administrator account has the highest system permissions. Once the account is used, the consequences are unimaginable. One of the common means of hacker intrusion is to try to obtain the password of the Administrator account, so we need to reconfigure the Administrator account.

First, set a powerful and complex password for the Administrator account. Then, rename the Administrator account and create an Administrator account without Administrator permissions to cheat intruders. In this way, it is difficult for intruders to find out which account has administrator permissions, which reduces the risk to a certain extent.

4. Prevent Guest Account intrusion

A Guest account is a so-called Guest account. It can access computers but is restricted. Unfortunately, Guest also opens the door for hacker intrusion! There are many articles on the Internet that show you how to use the Guest user to obtain administrator permissions. Therefore, you must prevent system intrusion based on the Guest account.

Disabling or permanently deleting a Guest account is the best option, but when you have to use a Guest account, you need to do a good job of Defense through other means. First, set a strong password for Guest, and then set the access permission for the Guest account to the physical path in detail. For example, if you want to prevent the Guest user from accessing the tool folder, right-click the folder and select the "Security" tab in the pop-up menu, you can see all users accessing this folder. Delete all users other than administrators. You can also set permissions for the corresponding users in the permissions, for example, you can only "list folder directories" and "read", which makes it much safer.

5. Block the hacker's "backdoor"

As the saying goes, "no wind and no waves", since hackers can access, there must be a "backdoor" for them in our system. We just need to block it and leave hackers nowhere to start!

1. Delete unnecessary protocols

Generally, only the TCP/IP protocol is enough for servers and hosts. Right-click "Network Neighbor", select "attribute", right-click "Local Connection", and select "attribute" to uninstall unnecessary protocols. NetBIOS is the source of many security defects. For hosts that do not need to provide files or print shared files, you can disable NetBIOS bound to the TCP/IP protocol to avoid NetBIOS attacks.

2. Disable "file and print sharing"

File and print sharing should be a very useful feature, but when we don't need it, it is also a security vulnerability that causes hacker intrusion. So we can disable "file and print sharing. Even if you do need to share the resource, you should set an access password for the shared resource.

3. Do not create a null connection

By default, any user can connect to the server through an empty connection, Enumerate accounts, and guess the password. Therefore, we must disable NULL connections. You can modify the registry using either of the following methods: Go to the Registry HKEY_LOCAL_MACHINESystemCurrentControlSetControlLSA and change the key value of the DWORD Value RestrictAnonymous to 1. The second method is to change the Local Security Policy of Windows 2000/XP to "Do not allow anonymous enumeration of SAM accounts and shares ".

4. disable unnecessary services

Service opening can bring convenience to management, but it also leaves a chance for hackers. Therefore, it is best to disable some services that are not actually used. For example, if you do not need to remotely manage your computer, I will disable the remote network logon service. Removing unnecessary service stops not only ensures system security, but also increases system running speed.

6. Set IE Security

ActiveX controls and Java Applets have strong functions, but there are also hidden dangers of exploitation. Malicious Code on webpages is usually a small program written using these controls, as long as the web page is opened, it will run. Therefore, to avoid malicious webpage attacks, only the operation of such malicious code is prohibited. IE provides multiple options for this. The specific setting steps are: "Tools"> "Internet Options"> "security"> "Custom Level ", we recommend that you disable ActiveX Control and Java related options. Always be cautious!

In addition, we can only set Internet, local Intranet, trusted sites, and Restricted Sites in IE security settings. However, Microsoft hides the "my computer" security settings here. By modifying the Registry to enable this option, we can have more options when dealing with ActiveX controls and Java Applets, it also has a greater impact on the security of local computers.

The following is a specific method: Open "run" in the "Start" menu, and enter Regedit in the "run" dialog box that appears. e xe, open the Registry Editor, click the front "+" sequentially expand to: HKEY_CURRE-NT_USERSoftwareMicrosoftWindowsCurrentVersionInternetSettingsZones, in the right window to find the DWORD Value "Flags ", the default key value is hex 21 (decimal 33). Double-click "Flags" and change its key value to "1" in the pop-up dialog box to close the registry editor. You do not need to restart your computer, re-open IE, and click the "Tools> Internet Options> Security" tab again. Then you will see an additional "my computer" icon, here you can set its security level. Set its security level to a higher level, so that the prevention is more rigorous.

7. install necessary security software

We should also install and use the necessary anti-Black software in the computer, anti-virus software and firewall are essential. Open them when surfing the Internet, so that even if hackers attack us, our security is guaranteed.

8. Prevent Trojans

Trojans can steal useful information from embedded computers. Therefore, we must prevent hackers from inserting Trojans. Common methods include:

● Put the downloaded file in a new folder and Use anti-virus software to detect the file.

● Check whether any unknown running project exists in the "Start" → "program" → "start" or "start" → "program" → "Startup" options. If yes, delete it.

● Delete all suspicious programs prefixed with "Run" under HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun in the registry.

9. Do not return emails from strangers

Some hackers may pretend to be the names of some regular websites, and then write a letter to you asking you to enter the name and password of the online users. If you press "OK ", your account and password enter the hacker's email address. Therefore, do not return emails from strangers, even if they are more attractive.

10. patch the system in time

Finally, we recommend that you download the corresponding patches for your operating system from the Microsoft site. The patches that Microsoft continuously releases are boring, but are the basis of our network security.

 

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.