Author: Lonely Swordsman
website:
http://www.janker.org
Keywords: virus (Virus) hacker security (Security)
Summary:
This article is in accordance with the principle of "simple and easy to understand, safe and stable, economical", aimed at helping individual network users learn more about security threats, so that effective safety precautions can achieve their data. And dignity is not inferred. This paper mainly consists of three major components, first analyzing the main source of security threats, and then proposes the corresponding security solution for security threats, and finally gives a practical recommendation plan. This article is not only suitable for home network users. If you consider the security of user systems, it applies to network customers in corporate units. Of course, if you think your personal computer system is not worth protection or willing to endure over and over again, this article is not suitable for you.
First, the main threat source (Baleful Source)
1, physical contact (Physical Touch)
By physically contacted unauthorized access and destruction, it is a very simple and effective way of attack. Fortunately, most people who can physically touch your computer are trustworthy. However, as the saying goes: "The heart is not in the heart of the people," for your computer and data security, you still have to understand the way of physical attacks, the main mode is as follows:
(1) Floppy booting: Boot your computer by using the floppy disk to easily access your data, in accordance with expert studies, this method is currently valid for all Windows and UNIX.
(2) Hard Disk Stolen: If the computer placed in the computer is unsafe, it is likely that the situation directly puts your hard disk or even the computer.
(3) Password Record: When entering a password on the keyboard, it is easy to be unrestricted, no matter whether you believe or do it, someone can quickly knockerel at a few meters away. Characters, even include the case of letters and special characters.
2, viral infection (Virus Infection)
A few years ago, everyone's concept of viruses is mainly guided type and documentary viruses, but the development of network is so fast. Take a little attention will be seen that in recent years, the harmful worm is the worm program on the Internet. They roam throughout the network, the broadcast speed is very rapid, not only caused endless network obstruction, but also hurts numerous innocent people, while the curse of this class, still come to find out their invasion Let's see the main way:
(1) FLOPPY DISK: Unprotected Using floppy disk may bring you a boot zone or a computer virus that can perform file classes. Although the guiding area virus has almost no survival environment, if you accidentally use the floppy disk that has been infected infected with the guiding area in the early years, although it can't succeed on your computer, it is possible to try Infection will destroy your hard drive partition, resulting in the loss of data, want to have tears.
(2) CD: Empty use of the disc is harmful as the floppy disk, even more than the floppy disk, because the disc is read-only, even if there is a virus, harmful procedures can not be killed, it is easy to use, more worrying Yes, pirated discs are quickly spread, and most of them have been infected by viral. (3) Email: With the development of the Internet network, email is frequent, providing a good living space for worm viruses, a lot of facts prove, just receive an email, even if you don't open the text Or attachments, just select the title head of the message, it is possible to bring the top disaster.
(4) Malicious HomePage: Browse the website is the things you have to do, unfortunately, the past has been considered to browse the website is a safe concept, the continuous broken, a large number of attacks indicate that Just watch the web page of some malicious websites by using the browser, it is entirely possible to perform binary code on your machine. It means that you can run any programs on your machine, including the programs of Trojans and formatting hard drives.
(5) Network Share: The original design of the network is for resource sharing, so most operating systems can set the shared folder to share information with other network users, unfortunately, the virus will infect the shared file Then infect all systems that use this shared file.
3, network attack (NetWork attac)
With the development of network technology, all things are coming, especially the frequent occurrence of network attacks, there is no "Hacker" associated with "Hacker", which once represents the reputation of top system network technology, but now it is almost falling. The abyss of the conscience, the public is far away, the victims of victims still have a lighter, but it can attract a batch of script kid (Script Kids), dedication to the Script Kids, dedicated to achieving the so-called real hackers, bringing The consequence is the home page of many enterprise units. The homepage of the website is innocent, the network system is inexplicably crash. Personal privacy is disclosed on the Internet. When they experience the horses of the network, they don't know that they have brought to the company and individuals. It has been difficult to estimate and have violated national laws. Analysis of the technique of analyzing its network attack will help do safety precautions, not more than the following ways:
(1) Denial of Service: DOS, is to cause system crash by sending a special malformation, causing the system crash or submitting a large number of normal packets for flood type (FLOOD), can lead to the system loss to provide normal The ability to serve, that is, referred to as a refusal attack. There are currently a large number of such programs on the network, and can be easily downloaded, common: Winnuker, Teardrop, Syn Flooder, etc.
(2) Hacker Inbreak: Use the scanner to discover the port and vulnerabilities of the system, and then control the entire system through special programs or perform specific operations, and can do such a person, generally referred to as " hacker". In fact, a large number of hacker events have proven that most of the operating systems currently installed have almost no security, which means that if there is no security measures, it is equal to being in an open state. (3) Trojan: This noun in this Greek myth, finally in the current network after many centuries, once your system is installed, it means that your computer can be like you by others. As free, your one move is in the control of others, and you can even force you to do things you don't want to do, and this person is likely to be on the other side of the earth.
(4) Network Sniffer: When the network is originally designed, it is mainly for education and research, so there is no consideration too much security, and the data on the network is clear, so the sniffing process is If you have time to come, they have laid in the network, quietly capture all the data packets on the network, including account password information and mail content such as FTP, Telnet, etc., and the network has no security.
Second, Safety Solutions (Security Solution)
A good solution is not only comprehensive and complete, but also the main second, focusing on, thereby tissue technology, products, and services, forming a relatively perfect combination to truly play its role. From a secure perspective, then from the aspects of the environment, itself, products, and awareness, comprehensive analysis, and solve problems one by one, and the possible hazardous exclude, then the purpose of safety protection is achieved. Personal Safety Solution Framework See below:
1, ensure physical security (Physical Security)
Physical security is very important, is the foundation of all security, can be tried, if your home is placed in a place where the flood is often flooding, even if you have a good security alarm device, how good your body is healthy, it is difficult to protect your personal Safety is not threatened. Of course, if you only resettle home without natural disasters, you have enough security measures, such as security doors and windows, monitor TV, etc. You can't forget to buy curtains, so as not to leak your privacy. But you can't forget that you want to pull the curtains when you want it, otherwise it will not help. In this way, you should be able to understand the importance of physical security, the same as the personal computer system, and the following points need to pay attention to:
(1) Environment: Environment: No matter how you want to ensure that your computer is safe, try to avoid or alleviate safety threats from natural disasters such as floods, lightning, earthquakes, of course, doors and windows must also have The necessary precautions may otherwise theft may be as unreasonable, although he may not be interested in your data, but it is very likely that you will continue to live in the data, so almost no safety. .
(2) Device: Do not create opportunities that can easily touch your computer, deliberately exposure and manipulating your computer, most of your computer, you can't think that it is safe, otherwise you can't prepare Some people will take the hard drive to copy the data and then take it back, but you don't know what to know, the computer's data replication technology is so perfect, so that the exact same copy is not left without any traces. If possible, it is best to lock your chassis and disable you unused devices in the system to prevent others from stealing data from your floppy drive or USB. (3) Password: People with security concepts will set the power-on password on their own computer, and set the password into the CMOS because he knows that the password hopped to prevent unauthorized access is very difficult. He knows that his password is not too simple, otherwise it is easy to be guessed, and of course he will write the password on the note and attach it to the display, because he is clear that you don't have to password.
(4) Starting safety (BOOT): When most machines are factory-factory, the default system is prioritized from the floppy disk, which is good to install an operating system or other software, such as a CD, and unfortunately Most users have forgotten the settings after installation, which is prioritized from the hard disk, and this, give the people who can physically touch the computer to facilitate the door, just start your machine with a floppy disk, then free access your data Thus, by wraping the password verification function of the operating system, if you do not need a floppy disk to start, you must set the system in CMOS to get started from the hard disk.
2, reinforced operating system (Secure Operating System)
So far, no operating system has been absolutely safe, and with the development of technology, the operating system is getting more complicated, the amount of code is getting bigger and larger, more and more programmers participating in the development, resulting in the operating system itself There are more and more bugs (BUGS), so many operating system vendors have continuously issued a service pack or update (Update) after launching the product, and no matter what the name they use, there is a purpose. , Corrected the bugs of the previously released operating system, or not perfect, of course, also add some optimized code or other functions. As mentioned earlier, most operating systems currently have almost unsafe, many security vulnerabilities in operating systems such as Windows and UNIX illustrate this, in fact, even if they have these patches are not completely Resolve problems, such as open features and system settings are not properly set, will leave security hazards. Therefore, the reinforcement operating system is imperative, mainly from the following aspects:
(1) Install Patches: In general, most operating systems manufacturers will publish information about system updates on their websites. As long as they can be found, they need to pay attention to download patch programs. Before you have to read the included installation instructions to do preventive work such as data backups, because inappropriate installation patches may cause the system to start or data damage.
(2) MINIMIZE SYSTEM: When the system is integrated, it is often used to maximize the installation of the system. It is convenient to debug connectivity, and in fact, many function modules are not needed, the opposite is Follow the principle of minimization, that is to say that it is not installed, it is necessary to install as little, because every one unnecessary module is undoubtedly, there is no more unsafe factor, so The system must strictly check and remove various unnecessary modules to improve system security. (3) SECURITY Configure: There are many factors in the computer system that require settings to have good security, such as: user rights assignment, open or not, the disk space limit, registry Safety configuration, the security level of the browser, etc. The system default configuration is suitable for most people, but their security is often poor, so it is necessary to make a careful setting of the system in the system and security to make the system Reach high security.
3, use personal firewall (Personal Firewall)
Personal firewall is one of the most effective means of network attacks, even if there are many security issues you can't resolve, the use of the firewall will minimize the possibility of attack, it can protected to a large extent Your system information does not leak outward, and can monitor and communicate network packets, reject harmful connections outside the door. Therefore, for a computer connected to the network, use the firewall to protect your own system is a very necessary choice, at least it can effectively help you to resist attacks from the network in the following ways:
(1) Defend D. O.S): A variety of bomb programs such as WinNuker, Teardrop, IGMP Nuker, etc., by sending a malformed data package, and personal firewalls can identify and process alarm.
(2) Close the unnecessary port: The computer connected to the network is unsafe. A very important factor is because the open port is too much. For personal computers, many ports are often not required, personal firewall The port blocking function, can close the unnecessary ports, effectively protect the system information without leakage, and reduce the possibility of hackers to use open port invasion, thereby greatly improves system security.
(3) Monitoring Upper Process: Because Trojans are often hidden in normal procedures, they will be released, while Trojans are often hidden running and then communicate through network and outside, no professional skills and The means is difficult to find, and the personal firewall's monitoring network connection process function can effectively block unknown procedures with Trojans in your system, thus achieving safety protection.
4, use anti-virus software personal version (Personal Anti-Virus)
In the person with safety concept, even if his computer is not connected to the network, even if he is a professional anti-virus expert, it is difficult to see the anti-virus software in his computer system, the number is so huge computer virus. More than tens of thousands, the pathway is so wide, there is a floppy disk, CD, email, etc. And all of this anti-virus software is easy to solve, what you do is to easily take a mouse or set a planned task to upgrade your virus code feature library. Specifically, anti-virus software can do something below: (1) Discover and kill: the scanning function of anti-virus software can determine if the files in the card, hard disk, disc, etc. With a virus program, it is worth noting that the disc is read-only, even if the virus cannot be killed, you can copy the toxic file to the hard drive first, then check it to handle, in general, if there is no virus in the system If you only copy a toxic file, it will not activate the virus.
(2) Monitor and kill: Trojans, bomb web, mail worms, etc. The network-based hazardous procedures are almost a mess, gratifying, anti-virus software now has real-time detection, Can effectively reject these harmful procedures.
(3) Recognize and insient: Virus and anti-virus are always a pair of contradictions. At present, most of the anti-virus software detection principle is based on the identification of the signature, that is, anti-virus programs are always more than viruses. Next, is it not a new virus? No, viruses infection and spread, although it is ever-changing, it is always ruleful, which is through research on virus regulatory research. Now the anti-virus software engine can effectively identify new varieties or variants. The virus came, although it could not be killed, but it can be completely separated from your system, and the purpose of changing your anti-virus software by upgrading your anti-virus software after reporting the isolation area documentation.
5, use encryption software (Encrypt Software)
After adding security measures such as firewalls and anti-viruses to the system, it is not equal to being safe, such as: Your data may still be viewed because it is clear; your email content is also possible. Intercepted, because it is clear. At these, the encryption class software is very powerful. It can transform your data into a seeming messy thing. When you need it, you only need to enter the word to restore the original, and this password is only you talented. I know that even if someone got your data, there is no password word, he is only disappointed. This is the magic of encryption software, which can provide us with security confidentiality in the following aspects:
(1) Data encryption (Data Encrypt): This feature encrypts the disk, directory, file, email, etc. Only if you have a password or a specific unlock file to restore the original, otherwise you will always be able to identify Garbled.
(2) Digital Sign: In this digital network era, people are in this high accuracy of data replication, but they have fallen into the confusion that is often furnished, and the appearance of digital signatures is effectively solved. This issue, by digital signing file or email, the receiving person can easily determine its authenticity. 6, improve security awareness (Security consciousness)
It is mainly reflected in the foregoing, in fact, network security itself is a relatively large concept, involving various aspects such as law, morality, knowledge, management, technology, and strategy, is an organic combination. Not a simple superposition of functions. As far as it is, the whole society is weak, this is a very terrible thing. From a large number of safety incidents, lack of safety awareness is one of the important factors that lead to incidents, so to truly play a safe The effect of protection, while doing technical protection, there is also a need to put security awareness in the schedule. Specifically, there are more attention and attention to the following aspects:
(1) If you need a password, you should set as much as possible and different, and you should replace it regularly.
(2) Be sure to update your firewall and anti-virus, which require frequent updated safety protection software.
(3) Do not run the procedure that is unknown, it must be used first after the anti-virus software is checked.
(4) Navigate to the web, download files and receive Email, make sure that the real-time monitoring of anti-virus software is opened.
(5) Do not use your personal information on the machine, especially Internet cafes.
(6) Any request for important information such as an unrecognized request is to be rejected.
(7) To clean up important information left by the machine, such as cookie, history, etc.
(8) Running a hacker program on its own machine is equal to playing, because your information may be sneaked.
(9) When the blue screen crash, the program is slow, and the system is automatically restarted, it is necessary to check as soon as possible.
(10) Pay attention to the security announcement information released by the network security company, determine if there is related problems in your own system, and solve it in time.
Third, the practical program recommended
In this article, there are many security knowledge, as if individuals do safety protection is a very complicated thing. In fact, although it is not simple, it is absolutely unparalleled. Here, the following introduces several practical personal safety solutions. Some of them may require some cost, but there are free can be used, which will eventually reach a purpose, that is to ensure your system security, although it is not able to solve all security problems, but will certainly solve most Question, fully meet the safety needs of most people.
1, ordinary user type
Operating system: Windows 98 or Windows ME
Application Software: Office Series, Outlook Express or Foxmail, Game, QQ, etc.
Major users: office, browse websites, send and receive email, download software, games, chat, etc.
solution:
(1) Reinforcement operating system
(2) Tiannun firewall
(3) Jinshan drug tyrants
(4) PGP encryption
2, professional user
Operating system: Windows 2000 Professional or Windows XP Professional
Application Software: Office Series, Outlook Express or Foxmail, Visual Studio, Delphi and other major users: office, development and commissioning, browsing website, sending and receiving email, download software, etc.
solution:
(1) Reinforcement operating system
(2) Blackice personal firewall
(3) Norton NAV
(4) PGP encryption
