Set obstacles to hackers: network security trilogy

xiaoxiao, 2021-03-06

Basic settings

First, four misunderstandings about online security

The Internet works in both directions: you can easily connect to your favorite sites, and others, such as hackers, can just as easily connect to your machine. In fact, many machines unintentionally leave a "back door" open because of very poor network security settings, which amounts to opening the door to hackers. The more time you spend online, the greater the chance that someone will break into your machine over the network. If a hacker discovers a security hole in your settings, he will attack you. This may be mere harassment, such as slowing your connection or crashing your machine; it may be more serious, such as opening your confidential files or stealing your passwords and credit card passwords. But many people give this no thought, because they still hold four misunderstandings about network security:

Misunderstanding 1: I am not connected to any other network, so I am safe. Yes, you connect only in order to access the Internet, but a stand-alone machine that goes online uses the same network protocols as a machine in a commercial network center, and the commercial network center may also have a public firewall or staff specifically responsible for security. In strong contrast, a machine used personally at home, in an office or in a small company is wide open, with no ability to keep hackers out at all. The threat is very real: if you connect to the Internet through a cable modem or DSL and stay online for long periods, there will be 2-4 attempts by hackers to attack you.

Misunderstanding 2: I use dial-up Internet access, so my machine is safe. Every time you dial in, you are given a different IP address (a dynamic IP), so compared with users who have a static IP, you are harder for hackers to find. But some hacker software can scan thousands of IP addresses in an hour, so as long as hackers use these tools, even dial-up users may be attacked.

Misunderstanding 3: I use anti-virus software, so I am safe.

Good anti-virus software is indeed an indispensable part of online security, but it is only a small part. It protects you by detecting viruses and similar problems, but it is powerless against hackers and against "legitimate" programs that are put to malicious use.

Misunderstanding 4: I use firewall, so I am safe.

A firewall is very useful, but if you rely only on an add-on program to provide security for the data your machine sends and receives, you are putting all your eggs in one basket: once the firewall software has a bug or vulnerability, you are in danger. In addition, a firewall is completely powerless against virus-like software, especially malicious programs that quietly send data from, or pull data onto, your machine. Finally, some firewall software may even work against you: because vendors describe their products' features in their advertising, they may attract attacks aimed specifically at those products' weaknesses.

However, solutions are available, and you can use the tools you already have. This article explains how to configure your settings securely and how to choose security software.

Second, network basics in one minute

You may be tempted to skim this part or skip it altogether, but it takes only a minute and helps a great deal in understanding what follows.

Simply put, the connection between you and the network can be divided into three layers.

The deepest layer is the physical connection between you and the network, including the hardware. For dial-up access, for example, you use the "Dial Adapter" to talk to your modem. On a local area network you need a network card and a driver so that your PC and the NIC can exchange data; DSL, cable and similar connections also require a network card. One PC can use several hardware adapters at the same time, for example a cable modem for the Internet, a dial-up modem as well, and a LAN connection; such a system has two network adapters and one dial adapter in its network settings.

The middle layer consists of the communication protocols, the languages in which your machine talks to other machines, such as TCP/IP, NetBEUI and IPX/SPX. These protocols can work in parallel: one protocol can be bound to one hardware device, and several protocols can be bound to several hardware devices at the same time.

The top layer consists of the network services, such as logging in to the Internet and file and print sharing, and the client programs that carry out the tasks you need done on the network. Unfortunately, this layer is two-way: hackers can also use it to carry out their own operations on your machine.

So the trick to staying safe is to make sure there are no dangerous settings or components. For example, if your machine does not need to be accessed from the Internet, "File and Print Sharing" is unnecessary, and it is often used by hackers. In other words, by setting the bindings carefully you can make sure your machine is not so easy to access, even though some devices and protocols remain installed.

Third, how to make the connection safe

Before you modify any system settings, first back up the key data on your system, or write down your original settings so that you can restore them when needed. If you are on a local area network or have special network requirements, please discuss the changes with the administrator.

Let's check your network settings. Right-click "Network Neighborhood" and select "Properties". We are now going to remove the bindings that make it easy for others to connect to you through the Internet protocol, TCP/IP. If you do not use dial-up Internet access, skip the dial adapter steps. Double-click "Dial Adapter", click "Bind", and clear everything other than TCP/IP. Return to the main window and double-click "TCP/IP -> Dial Adapter". You may see a warning that making changes is dangerous; ignore it, because it is not changing them that would be dangerous! Click "Bind"; if "Microsoft Network User" and "File and Print Sharing" are selected, clear them, so that only TCP/IP is left. You will get a warning like this: "TCP/IP has no Bind to any driver"; answer no.

If you use a network card, click the TCP/IP entry that corresponds to each card. For example, I use a cheap Realtek network card, so I click "TCP/IP -> Realtek RT8029 (AS) PCI Ethernet NIC", click "Bind", and make sure "Microsoft Network User" and "File and Print Sharing" are cleared there as well. If you are on a LAN and want to share files and printers locally, there is a way to do that too: add a non-Internet protocol, IPX/SPX or NetBEUI. Bind "Microsoft Network User" to it, select "File and Print Sharing", and you can share files and printers!

Now go back and check every adapter and protocol in the system to make sure that "Microsoft Network User" and "File and Print Sharing" are selected only under IPX/SPX and/or NetBEUI, and confirm that neither is selected under TCP/IP. Then repeat this check on every machine on the LAN. In this way, your machines use only TCP/IP on the Internet and use a non-Internet protocol on the LAN to share printers and files. Because hackers must come in over TCP/IP, it takes them more time to reach the shared printers and files. Note that any change to the network settings may reset the bindings and other settings, even ones you never touched. Whenever you, or software you have installed, change the network settings, repeat the steps above and check that the TCP/IP connection is still "clean", with no binding to "Microsoft Network User" or "File and Print Sharing". AOL (America Online) is a nuisance here: it adds its own (usually unnecessary) adapters to your network settings and may not set your bindings correctly. Some users find that after installing AOL their "File and Print Sharing" is bound to TCP/IP, which means their printers and files can be connected to from outside; the check described above is very effective in that case too.

You can do much more to improve your network security, as discussed below, but the settings above eliminate the most common and prominent network security problems of Windows PCs, close the most obvious holes, and give you a more secure basis for going online. Once you have learned the method, the check takes only a few minutes and needs basically no other software; that is the benefit of a fix that costs no money!
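A local check for the binding problem described above, as an added example that is not part of the original article: when file and print sharing is bound to TCP/IP, the machine holds sockets on the NetBIOS/SMB ports (137-139 and 445) on a non-loopback address, and `netstat -an` shows them. The function names and the sample output are constructed for illustration, and the parser assumes the Windows `netstat -an` column layout.

```python
import ipaddress

# Ports used by Windows file and print sharing when it is bound to TCP/IP:
# NetBIOS name (137), datagram (138) and session (139) services, plus SMB on 445.
SHARING_PORTS = {137: "NetBIOS name", 138: "NetBIOS datagram",
                 139: "NetBIOS session", 445: "SMB"}

# Constructed sample of `netstat -an` output (documentation addresses only).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
  TCP    203.0.113.25:139       0.0.0.0:0              LISTENING
  TCP    127.0.0.1:445          0.0.0.0:0              LISTENING
  TCP    203.0.113.25:1045      198.51.100.7:80        ESTABLISHED
  TCP    [::]:445               [::]:0                 LISTENING
  UDP    203.0.113.25:137       *:*
  UDP    203.0.113.25:138       *:*
"""


def is_loopback(host):
    """True for 127.0.0.0/8 and ::1; wildcard and real addresses are False."""
    try:
        return ipaddress.ip_address(host.split("%")[0]).is_loopback
    except ValueError:
        return False  # unparsable address: treat as exposed, not as safe


def exposed_sharing_sockets(netstat_text):
    """Return (proto, address, port, service) for every file-sharing socket
    that is bound to a non-loopback address."""
    findings = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue  # header, blank line or unrelated text
        proto, local = fields[0], fields[1]
        # TCP rows matter only when the socket accepts connections;
        # UDP rows carry no state column and always mean a bound socket.
        if proto == "TCP" and (len(fields) < 4 or fields[3] != "LISTENING"):
            continue
        host, _, port = local.rpartition(":")
        host = host.strip("[]")  # IPv6 literals are printed as [addr]:port
        if not port.isdigit() or int(port) not in SHARING_PORTS:
            continue
        if is_loopback(host):
            continue
        findings.append((proto, host, int(port), SHARING_PORTS[int(port)]))
    return findings


if __name__ == "__main__":
    for proto, host, port, service in exposed_sharing_sockets(SAMPLE_NETSTAT):
        print(f"{proto} {host}:{port} ({service}) is reachable over TCP/IP")
```

An empty result after the bindings have been cleared is the "clean" state the article asks you to re-check whenever the network settings change.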

Tools

In the previous part we discussed how to adjust network settings for better security; now let's see how to do more with some free or commercial products and services.

Now that you have a good foundation for online safety, you can add some decisive measures that strengthen your machine's resistance, so that it can fend off common and uncommon attacks, and even higher-level or more advanced ones. You then have two levels of safety measures: one is the network security settings introduced in the previous part, the other is an additional security product. If one of them has a problem you still have the other, so you are never hanging from a single tree!

Before you add any security product to your system, run an additional test to check whether your settings are OK; it is best to confirm first that your basic network settings are safe. I recommend three excellent free sites that probe your Internet connection from the outside so that you can detect and correct potential security problems:

http://grc.com/intro.htm

http://www.dslreports.com/r3/dsl/secureme

http://www.ndion.com/

I have used this third site continuously. The sites test the same things, with some overlap, but they use different methods and focus on different aspects. By going through these three websites, you can "sniff out" the most common vulnerabilities in your Internet connection. If you pass all three tests, you can ward off the vast majority of hacker attacks. In addition, the help files provided on the Gibson Research website (http://grc.com/intro.htm) are worth reading, especially when you have doubts about a port (such as NetBIOS port 139); Gibson's step-by-step guidance makes sure you close the port, see http://grc.com/su-bondage.htm. Once your PC has passed the tests above, you can add a more powerful program. There are many such programs, but the hottest are "personal firewalls", and how to choose a product of this class is the focus of our discussion.

Whether or not you already use a public firewall, proxy server or domain name server, these local firewalls monitor Internet traffic on your own machine to block abnormal access by hackers. Some of them can also monitor abnormal outbound data, that is, Trojan-horse "back doors" that secretly send information from, or fetch information onto, your machine without your knowledge.

The personal firewall I am using is the free and wonderful ZoneAlarm. Although it still has some rough edges, it is updated quickly; the latest version is already 2.0.26, which solves the problems that existed in many early versions. And it is free, yet more effective than many commercial products that sell for $50; for example, it is one of the firewalls that can detect Trojan programs. Aladdin's eSafe Protect Desktop also includes anti-virus functionality, which makes it the equivalent of a firewall plus a sandbox that can block most malicious access and isolate it. In addition, it is content with very few system resources, only 2%. It is a worthwhile product, priced at $30. But in order to compete with the popular ZoneAlarm, Aladdin's Protect Desktop is now completely free for personal use, so it is worth a try; I am trying it now, and it may become my new favorite!

FWProxy is a simple, free program that checks the authorization of devices connecting on a configured port and sets up connections between remote RAS users and designated internal TCP devices; if that is the only feature you need, you can try it. Sybergen Secure Desktop is very flexible and can be configured in many respects; it is priced at $30. Its strength lies in installation, although its sparse documentation leaves beginners somewhat lost among its excessive setting options. A new version is coming soon, and we will cover it then.

BlackICE Defender is a prestigious and very popular firewall; $40 gets you BlackICE Defender and a year of security upgrades. Like ZoneAlarm, BlackICE has its rough edges. Its false-alarm warnings, for example, can give you the illusion that you are under attack from outside, and its documentation is incomplete, which is a problem unless you are very proficient in firewall technology and port assignments. Some users are also dissatisfied with the level of support and the time it takes to fix errors. It seems that Network ICE's founders have been overwhelmed by their own success and find it difficult to keep up their original standard. Further evidence for this view concerns Windows 2000, which has been on the market for a while, yet the BlackICE site still says: "Win2k is still a beta version. We can't support it, and the detection of the invasion is good. The firewall section is still not working, we plan to support it when Win 2000 is officially launched." This is a worrying state of affairs for a security product, because people always want such a product to be kept up to date.

If you visit hacker sites and hacker BBSes, you will see a piece of software that hackers both love and fear, selling for $49: they like to install it on their own machines, but hate finding it on the machines they attack. It has just been acquired by McAfee, and we do not yet know what McAfee plans for it; see http://www.signal9.com/ for related information.

McAfee has just acquired Cybermedia, a very interesting $30 product with a variety of functions: virus detection, privacy protection and online security, as well as protection against malicious ActiveX controls and Java applets. Conseseal ATGUARD is another firewall that hackers both love and hate. It has just been acquired by Symantec and is now part of Norton Internet Security 2000, which costs $60. Compared with the other products in the package, AtGuard looks rather slight, while Norton Internet Security 2000 is a security "giant", although its settings are very troublesome. In any case, the AtGuard security component still works very well, even though it is overshadowed by the other products. The products described above are broad, full-featured protection packages, but there are also some products with a narrower focus:

Jammer, priced at $20, is specially designed to block NetBus and Back Orifice attacks; if your other security products offer only general protection, it is still useful.

ProtectX, priced at $25, can monitor up to 20 ports and can also help you trace where hackers are coming from. It is also a well-known product, although the number of ports it can monitor is something of a shortcoming compared with similar products.

Rainbow Diamond Intrusion Detector, priced at $40, alerts you when you may be under attack: it monitors suspicious network activity on the machine and raises an alarm as soon as it finds any. Intrusion Detector also tries to determine the identity of the intruding user.

TDS-2, priced at $33, is a Trojan defence system from Australia and is stronger than other software of its kind.

That is a lot to choose from. With these products, your machine's security level is bound to be high. However, even with the products above, our security work is not finished. The next step is either a supplement to these products or an alternative to them: some special measures you can use to raise your security to a very high degree.

Tips

In the previous parts we explained how to improve a machine's security, starting from the PC's network security settings, and for most people those measures are quite enough. But your requirements may differ from theirs, so we continue with the third step: how to raise your security even further. In fact, this step reflects my own situation, because I have the following special circumstances:

I am on the Internet seven days a week, 24 hours a day; I do business over the Internet and operate a website; I am more conspicuous than the average person, so I am more likely to become a hacker's target; I share my Internet connection with other machines.

If some or all of these apply to you as well, you may also want to use my method to make your machine impregnable, so let's compare notes. First, I use all the techniques introduced in the first and second parts: for example, none of my machines has "Internet users" or "File and Print Sharing" bound to TCP/IP, so the common attacks do not work. Second, on every machine I use the personal firewall ZoneAlarm, which helps me block hackers' intrusions.

Those are just two security levels, but I also have a third, simpler and cheaper one: none of my machines is connected directly to the Internet. Instead, I use a junk machine (an ancient 486 with very little memory) as a server connected to the Internet, running Windows with Sygate on top of it. With Sygate, several machines can share the Internet connection, and Sygate's firewall function is very good. Only this junk machine can be seen from the outside; the machines sharing the connection cannot, so hackers cannot detect or attack them. Sygate's firewall function helps a great deal: it hides itself, which is to say it hides the machine running it. To a hacker it is silent and invisible, and every sign suggests that there is simply no machine there, so Sygate's firewall is the fourth layer of protection.

The following setup can be called the fifth layer of protection: if a hacker is determined to break in, he will find that he has arrived at an empty, worthless machine that holds nothing of interest. The other machines on my LAN are password-protected, and I never save any password in Windows on the junk machine, so even if a hacker gets into this machine, it is hard for him to get into the other machines on the LAN: getting past the firewalls, passwords and internal security settings is not easy!

Finally, I have a sixth level: my cable modem ISP uses dynamic IP addresses, and the vast majority of dial-up ISPs use the same technique. With a dynamic address you get a new address each time you go online, and it is hard to foresee what the next IP will be. Since I am on a dynamic IP address, I pull the plug of the cable modem (or modem) every day; whenever I plug it back in I get a different address, so even if a hacker has found me, he has to start all over again. You should know that no online system is completely safe unless it is not connected to the Internet at all, and any system may be attacked. But if your machine has 6 levels of security, putting so many obstacles in a hacker's way, your safety factor is very high, and he may well give up on you because he cannot stand so much trouble!

When reposting, please cite the original address: https://www.9cbs.com/read-72440.html