Hackers are a major threat to network security, Eesafe to introduce a few simple ways to identify whether the system has been hacked.
1, view the list of services
Click on "Start"-"program"-"Management Tools"-"Computer Management", first look at "User and group management", whether there are suspicious users exist, whether in the Administrators Admins group there is not a member of the account; second, look at the "shared folder", whether there should be shared; The last thing you need to see is the service and application service, which checks for unfamiliar service names with no exceptions in the service name of "started".
2. View the list of ports that the system is using
Enter on the command line: Netstat to see which ports are open to the system, whether there are suspicious ports, most Trojans or backdoor will open a specific port, so view from the port can find some of the backdoor traces of Trojans.
3. View the Process list
Open Task Manager to check for suspicious processes. An intruder-named process is often very close to the system's process name and should not be fooled by processes such as kernel and the Internet.
4, view the log
In addition to the system's logs, you need to look at the logs of services that are open for your computer, including FTP, NS, and logs of the firewall and antivirus software.
The check includes whether logging breaks occur (intruders usually erase their traces, and generally is to delete the entire log or delete part of the log behavior), whether a suspicious account login (using account login is the most direct means of intrusion); For example, there is still an admin login after work.
Have any question, welcome everybody joins the Eesafe website Safe Community ② Group (130621025) exchanges the discussion.
Eesafe website Security Alliance original article, reprint please link form annotated http://www.eesafe.com/bbs/thread-6516-1-1.html
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.